CNNVD-202506-3006 Information

CNNVD ID

CNNVD-202506-3006

Related CVE

CVE-2025-6536

• CNNVD Published: 2025-06-24

Description (Chinese)

Tarantool是Tarantool开源的一个计算软件。 Tarantool 3.3.1及之前版本存在安全漏洞，该漏洞源于datetime.c库中tm_to_datetime函数存在可达断言问题。

Description (English)

Tarantool is an open source computing software. There is a security loophole in Tarantool 3.3.1 and previous versions, which stems from the issue of the tm to datetime function in the Datatime.c library.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

Tarantool

Published

2025-06-24

Last Modified

2026-02-24

References

https://github.com/tarantool/tarantool/issues/11347 https://github.com/user-attachments/files/19613858/tarantool_crash.txt https://vuldb.com/?ctiid.313663 https://vuldb.com/?id.313663 https://vuldb.com/?submit.597454 https://access.redhat.com/security/cve/cve-2025-6536

Patch

https://github.com/tarantool/tarantool/releases