Vulnerabilidades em denoland
40 resultadosCVE-2024-34346HIGHDeno contains a permission escalation via open of privileged files with missing `--deny` flagEPSS 0.4%CVE-2025-48934MEDIUMDeno.env.toObject() ignores the variables listed in --deny-env and returns all environment variablesEPSS 0.4%CVE-2025-48888MEDIUMDeno run with --allow-read and --deny-read flags results in allowedEPSS 0.3%CVE-2024-32477HIGHRace condition when flushing input stream leads to permission prompt bypassEPSS 0.3%CVE-2024-32468MEDIUMImproper neutralization of input during web page generation ("Cross-site Scripting") in deno_doc HTML generatorEPSS 0.3%CVE-2025-55195HIGH@std/toml Prototype Pollution in Node.js and BrowserEPSS 0.3%CVE-2026-49402HIGHDeno: Command Injection via spawnSync & spawn on WindowsEPSS 0.3%CVE-2025-24015HIGHDeno's AES GCM authentication tags are not verifiedEPSS 0.2%CVE-2026-22863CRITICALDeno node:crypto doesn't finalize cipherEPSS 0.2%CVE-2026-55517MEDIUMDeno: Denial of service via non-ASCII bytes in WebSocket response headersEPSS 0.2%CVE-2025-61785LOWDeno's --deny-write check does not prevent permission bypassEPSS 0.2%CVE-2025-61786LOWDeno's --deny-read check does not prevent permission bypassEPSS 0.2%CVE-2026-49440HIGHDeno: Miller-Rabin Primality Test Allows Zero RoundsEPSS 0.1%CVE-2026-49401HIGHDeno Permission Bypass via Unicode Normalization Mismatch on macOS (APFS)EPSS 0.1%CVE-2026-44726HIGHDeno: TLS retry copies stale upgrade hook, risking plaintext trafficEPSS 0.1%CVE-2026-49406MEDIUMDeno: BYONM module resolution allows `package.json` main path traversal to bypass `--allow-read` restrictionsEPSS 0.1%CVE-2026-49411MEDIUMDeno Node TCPWrap numeric hostname aliases bypass --deny-net resolved-IP deny checksEPSS 0.1%CVE-2026-49859MEDIUMDeno: `fetch()` API sandbox bypass via missing DNS resolution checkEPSS 0.1%CVE-2026-49860MEDIUMDeno: WebSocket API sandbox bypass via missing post-DNS checkEPSS 0.1%CVE-2026-49983MEDIUMDeno: process.loadEnvFile() bypasses env permission checks and mutates process.env with only read accessEPSS 0.1%