deno
Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
Description | A secure runtime for JavaScript and TypeScript |
Version | 2.0.0-1 [extra] |
Resolved
Group | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|
AVG-2664 | 1.20.2-1 | 1.20.3-1 | Critical | Fixed | |
AVG-2015 | 1.10.1-1 | 1.10.2-1 | Critical | Fixed |
Issue | Group | Severity | Remote | Type | Description |
---|---|---|---|---|---|
CVE-2022-24783 | AVG-2664 | Critical | Yes | Arbitrary code execution | The versions of Deno between release 1.18.0 and 1.20.2 (inclusive) are vulnerable to an attack where a malicious actor controlling the code executed in a... |
CVE-2021-32619 | AVG-2015 | Critical | Yes | Access restriction bypass | In Deno versions 1.5.0 to 1.10.1, modules that are dynamically imported through `import()` or `new Worker` might have been able to bypass network and file... |