You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A new review of available-by-default ops has revealed Deno.core.ops.op_panic, which when called forces a panic in the thread containing the runtime, violating the sandbox and possibly triggering a DOS.
The text was updated successfully, but these errors were encountered:
rscarson
changed the title
Vulnerability: The deno core exposes an op_panic in the base runtime which can force a panic in the runtime's containing thread
The deno core exposes an op_panic in the base runtime which can force a panic in the runtime's containing thread
Jul 18, 2024
See [rscarson/rustyscript/issues/174]
A new review of available-by-default ops has revealed
Deno.core.ops.op_panic
, which when called forces a panic in the thread containing the runtime, violating the sandbox and possibly triggering a DOS.This can be fixed by stubbing out the panic op:
The text was updated successfully, but these errors were encountered: