deno_runtime
crates.io5 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting deno_runtimepage 1 of 1
- CVE-2023-28445CRITICALCVSS 9.9EG 9.9✓ Fixed in 0.103.02023-03-24
vulnerable: 0.102.0
Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Resizable ArrayBuffers passed to asynchronous functions that are shrunk during the asynchronous operation could result in an out-of-bound read/write. It is …
- CVE-2023-28446HIGHCVSS 8.8EG 8.8✓ Fixed in 1.31.22023-03-24
Deno is a simple, modern and secure runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Arbitrary program names without any ANSI filtering allows any malicious program to clear the first 2 lines of a `op_spawn_child` o…
- CVE-2023-33966HIGHCVSS 8.6EG 8.6✓ Fixed in 0.115.02023-05-31
vulnerable: 0.114.0
Deno is a runtime for JavaScript and TypeScript. In deno 1.34.0 and deno_runtime 0.114.0, outbound HTTP requests made using the built-in `node:http` or `node:https` modules are incorrectly not checked against the network permission allow l…
- CVE-2024-27936HIGHCVSS 8.8EG 8.8✓ Fixed in 0.147.02024-03-21
Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. Starting in version 1.32.1 and prior to version 1.41.0 of the deno library, maliciously crafted permission request can show the spoofed permission prompt by in…
- CVE-2025-48934MEDIUMCVSS 5.3EG 5.3✓ Fixed in 0.212.02025-06-04
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to versions 2.1.13 and 2.2.13, the `Deno.env.toObject` method ignores any variables listed in the `--deny-env` option of the `deno run` command. When looking at the documenta…
Check whether deno_runtime is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for deno_runtime CVEs against the assets you own.
Start Free Scan →