CNNVD-202510-1202 Information

Oct 08, 2025 cve

CNNVD ID

CNNVD-202510-1202

CVE-2025-61786

  • CNNVD Published: 2025-10-08

Description (Chinese)

Deno是Deno开源的一个简单、现代且安全的 JavaScript 和 TypeScript 运行环境。 Deno 2.5.3之前版本和2.2.15之前版本存在安全漏洞,该漏洞源于权限模型检查不足,可能导致绕过权限模型。

Description (English)

Deno is a simple, modern and safe JavaScript and TypeScript operating environment for Deno. There is a security loophole in the previous Deno 2.5.3 and 2.2.15 versions, which stems from inadequate inspection of the permission model and may lead to circumvention of the permission model.

Hazard Level

Critical

Vulnerability Type

其他

Published

2025-10-08

Last Modified

2026-02-24

References

https://github.com/denoland/deno/commit/1ab2268c0bcbf9b0468e0e36963f77f8c31c73ec https://github.com/denoland/deno/pull/30876 https://github.com/denoland/deno/releases/tag/v2.2.15 https://github.com/denoland/deno/releases/tag/v2.5.3 https://github.com/denoland/deno/security/advisories/GHSA-qq26-84mh-26j9 https://access.redhat.com/security/cve/cve-2025-61786

Patch

https://deno.com/

Share on: