PT-2022-16876 · Deno · Deno

Aapoalas +2 · Published 2022-03-25 · Updated 2023-06-30 · CVE-2022-24783

CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Deno versions 1.18.0 through 1.20.2

Description: The issue allows a malicious actor controlling the code executed in a Deno runtime to bypass all permission checks and execute arbitrary shell code. This does not affect users of Deno Deploy. The cause of this error was that certain FFI operations did not correctly check for permissions.

Recommendations: For Deno versions 1.18.0 through 1.20.2, upgrade to Deno 1.20.3 immediately, as this version includes the patch for the issue. There is no workaround for this issue, so upgrading is the recommended course of action.

Exploit

Fix

Weakness Enumeration

Incorrect Authorization
Improper Privilege Management

Related Identifiers

CVE-2022-24783
GHSA-838H-JQP6-CF2F

Affected Products

Deno