Package impact
crates.io / deno_runtime
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-48934 | unknown | — | — | 1y ago | Deno.env.toObject() ignores the variables listed in --deny-env and returns all environment variables | |||
| CVE-2025-48888 | unknown | — | — | 1y ago | Deno run with --allow-read and --deny-read flags results in allowed | |||
| CVE-2024-27936 | unknown | — | — | 2y ago | Deno's deno_runtime vulnerable to interactive permission prompt spoofing via improper ANSI stripping | |||
| CVE-2023-33966 | unknown | — | — | 3y ago | Missing "--allow-net" permission check for built-in Node modules | |||
| CVE-2023-28446 | unknown | — | — | 3y ago | Interactive `run` permission prompt spoofing via improper ANSI neutralization | |||
| CVE-2023-28445 | unknown | — | — | 3y ago | Deno improperly handles resizable ArrayBuffer |