Lucene search
PRIOn knowledge basePRION:CVE-2024-27931HistoryMar 05, 2024 - 5:15 p.m.
Path traversal
2024-03-0517:15:00
PRIOn knowledge base
www.prio-n.com
5
path traversal
javascript
typescript
webassembly
insufficient validation
file creation
overwrite
system impact
fixed vulnerability
Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. Insufficient validation of parameters in Deno.makeTemp* APIs would allow for creation of files outside of the allowed directories. This may allow the user to overwrite important files on the system that may affect other systems. A user may provide a prefix or suffix to a Deno.makeTemp* API containing path traversal characters. This is fixed in Deno 1.41.1.
Related
nvd
nvd
CVE-2024-27931
2024-03-05 17:15:07
cvelist
cvelist
CVE-2024-27931 Insufficient permission checking in `Deno.makeTemp*` APIs
2024-03-05 16:43:11
osv
osv
Insufficient permission checking in `Deno.makeTemp*` APIs
2024-03-05 16:19:44
github
github
Insufficient permission checking in `Deno.makeTemp*` APIs
2024-03-05 16:19:44
cve
cve
CVE-2024-27931
2024-03-05 17:15:07