Security Advisories · denoland/deno · GitHub

Security Advisories

View known security vulnerabilities and report new vulnerabilities privately to maintainers.

Report a vulnerability

Improper suffix match testing for DENO_AUTH_TOKENS
GHSA-5frw-4rwq-xhcr published Mar 5, 2024 by mmastrac

Moderate
Exposure of sensitive information using static imports
GHSA-jv4x-jv3h-qff5 published Jun 3, 2025 by bartlomieju

Moderate
Arbitrary file descriptor close via `op_node_ipc_pipe()` leading to permission prompt bypass
GHSA-6q4w-9x56-rmwq published Mar 5, 2024 by mmastrac

High
*const c_void / ExternalPointer unsoundness leading to use-after-free
GHSA-3j27-563v-28wf published Mar 5, 2024 by mmastrac

Moderate
Cross-Session Data Contamination in Deno's Node.js Compatibility Runtime
GHSA-wrqv-pf6j-mqjp published Mar 5, 2024 by mmastrac

High
Missing "--allow-net" permission check for built-in Node modules
GHSA-vc52-gwm3-8v2f published May 30, 2023 by bartlomieju

High
Interactive permission prompt spoofing via improper ANSI stripping
GHSA-m4pq-fv2w-6hrw published Mar 5, 2024 by mmastrac

High
Improper handling of resizable ArrayBuffer in async built-in functions
GHSA-c25x-cm9x-qqgx published Mar 23, 2023 by lucacasonato

Critical
Regular Expression Denial of Service in Deno.upgradeWebSocket API
GHSA-jc97-h3h9-7xh6 published Mar 23, 2023 by bartlomieju

Moderate
Interactive `run` permission prompt spoofing via improper ANSI neutralization
GHSA-vq67-rp93-65qf published Mar 23, 2023 by bartlomieju

High