Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Deno node:crypto doesn't finalize cipher
Vulnerability Description
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Before 2.6.0, node:crypto doesn't finalize cipher. The vulnerability allows an attacker to have infinite encryptions. This can lead to naive attempts at brute forcing, as well as more refined attacks with the goal to learn the server secrets. This vulnerability is fixed in 2.6.0.
CVSS Information
N/A
Vulnerability Type
缺少必要的密码学步骤
Vulnerability Title
Deno 安全漏洞
Vulnerability Description
Deno是Deno开源的一个简单、现代且安全的 JavaScript 和 TypeScript 运行环境。 Deno 2.6.0之前版本存在安全漏洞,该漏洞源于node:crypto未完成密码加密,可能导致无限加密攻击。
CVSS Information
N/A
Vulnerability Type
N/A