CNNVD-202601-1995 Information

CNNVD ID

CNNVD-202601-1995

Related CVE

CVE-2025-68701

• CNNVD Published: 2026-01-13

Description (Chinese)

Jervis是Sam Gleske个人开发者的一个自动化工具。 Jervis 2.2之前版本存在安全漏洞，该漏洞源于从口令确定性派生AES IV，可能导致加密漏洞。

Description (English)

Jervis is an automated tool for Sam Gleske’s personal developers. There was a security loophole in the previous version of Jervis 2.2, which stemmed from AES IV, derived from password certainty, which could lead to encryption loopholes.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-13

Last Modified

2026-02-24

References

https://github.com/samrocketman/jervis/security/advisories/GHSA-crxp-chh4-9ghp https://github.com/samrocketman/jervis/commit/c3981ff71de7b0f767dfe7b37a2372cb2a51974a https://access.redhat.com/security/cve/cve-2025-68701

Patch

https://sam.gleske.net/jervis-api/2.2/