CVE-2025-24015 is a high-severity cryptographic vulnerability affecting the Deno runtime versions 1.46.0 through 2.1.6. Deno is a modern runtime for JavaScript, TypeScript, and WebAssembly, widely used for server-side and scripting applications. The vulnerability stems from improper verification of the authentication tag in AES-GCM encryption modes (specifically AES-256-GCM and AES-128-GCM). AES-GCM is an authenticated encryption algorithm that provides both confidentiality and integrity by combining AES encryption in CTR mode with a Galois Message Authentication Code (GMAC). The authentication tag is critical to ensure that ciphertexts have not been tampered with and that the decryption key is correct. In the affected Deno versions, the authentication tag is not validated during decryption, which means that tampered ciphertexts or incorrect keys may not be detected. This effectively reduces AES-GCM to AES-CTR mode, which only provides confidentiality but no integrity or authenticity guarantees. Additionally, the vulnerability impacts the handling of authenticated additional data (AAD) set via set_aad, which is incorporated into the GCM hash but also not validated, rendering AAD protections ineffective. This flaw breaks the fundamental security guarantees expected from AES-GCM, potentially allowing attackers to manipulate encrypted data undetected or cause incorrect decryption results without triggering errors. The issue was introduced in version 1.46.0 and fixed in version 2.1.7. Notably, older versions of Deno and Node.js correctly validated the authentication tag and threw errors on verification failure. The CVSS 4.0 base score is 7.7 (high), reflecting the network attack vector, no required privileges or user interaction, and a high impact on integrity. No known exploits are currently reported in the wild. This vulnerability is classified under CWE-347 (Improper Verification of Cryptographic Signature).

For European organizations using Deno in their development or production environments, this vulnerability poses a significant risk to data integrity and authenticity. Applications relying on AES-GCM encryption for securing sensitive data, communications, or tokens may be vulnerable to undetected ciphertext tampering or key misuse. This could lead to unauthorized data manipulation, injection of malicious payloads, or bypassing of security controls that depend on cryptographic assurances. Since Deno is often used in modern web services, microservices, and serverless functions, the impact could extend to critical business applications, APIs, and cloud-native deployments. The lack of authentication tag verification undermines trust in encrypted data, potentially exposing organizations to data corruption, fraud, or compliance violations related to data protection regulations such as GDPR. Moreover, attackers could exploit this flaw remotely without authentication or user interaction, increasing the threat surface. While no active exploits are known, the high severity and ease of exploitation warrant urgent attention. The impact on confidentiality is moderate since encryption still occurs, but integrity and authenticity are severely compromised, which can have cascading effects on application logic and security.

European organizations should immediately assess their use of Deno runtime versions between 1.46.0 and 2.1.6. The primary mitigation is to upgrade all affected Deno instances to version 2.1.7 or later, where the authentication tag verification issue is patched. Until upgrades can be performed, organizations should consider disabling or avoiding the use of AES-GCM encryption within Deno or implement additional application-level integrity checks as a temporary safeguard. Security teams should audit cryptographic usage in their codebases to identify reliance on AES-GCM and verify that authentication tags are properly validated. Incorporating cryptographic libraries with proven and tested implementations or fallback mechanisms may reduce risk. Monitoring network traffic and application logs for anomalies related to encrypted data manipulation can help detect exploitation attempts. Additionally, organizations should review their incident response plans to handle potential data integrity breaches. Vendor communication channels and security advisories from denoland should be monitored for further updates or exploit disclosures. Finally, developers should be trained on the importance of cryptographic validation and the risks of improper implementation to prevent similar issues in the future.