CVE-2021-41641

Published June 12th, 2022

View on NVD ↗

CVSS v3

8.4

HIGH

CVSS v2

3.6

LOW

Affected

PROJECT

Description

Deno <=1.14.0 file sandbox does not handle symbolic links correctly. When running Deno with specific write access, the Deno.symlink method can be used to gain access to any directory.

denoland/deno

A modern runtime for JavaScript and TypeScript.

GitHub

107K