mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
974 B
974 B
CVE-2024-27931
Description
Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. Insufficient validation of parameters in Deno.makeTemp* APIs would allow for creation of files outside of the allowed directories. This may allow the user to overwrite important files on the system that may affect other systems. A user may provide a prefix or suffix to a Deno.makeTemp* API containing path traversal characters. This is fixed in Deno 1.41.1.
POC
Reference
No PoCs from references.