Summary
Deno: BYONM module resolution allows `package.json` main path traversal to bypass `--allow-read` restrictions
References
Related vulnerabilities
All Supply chain →- HIGHGHSA-R4GV-QR8J-P3PG
handlebars.java FileTemplateLoader Path Traversal
- HIGHGHSA-R2WG-2MCR-66RV
Open WebUI: Path traversal / SSRF in terminal server proxy via encoded path traversal
- MEDIUMGHSA-J2C8-V969-8R5C
Open WebUI: Sibling-Prefix Path Traversal via /cache/{path}
- HIGHGHSA-PM6V-2H4W-4RP2
Gogs: Overwriting critical files results in a denial of service
- HIGHGHSA-QRP7-CVWR-J2C6
Caddy: Windows `file_server` path authorization bypass via encoded backslash
- HIGHGHSA-7CX2-G3H9-382P
Crawl4AI: Arbitrary file write (symlink/TOCTOU) plus log and webhook-header injection in Docker server