CNNVD-202601-2571 Information

CNNVD ID

CNNVD-202601-2571

Related CVE

CVE-2026-22775

• CNNVD Published: 2026-01-15

Description (Chinese)

Svelte是Svelte开源的一种构建 Web 应用程序的新方法。 Svelte 5.1.0版本至5.6.1版本存在安全漏洞，该漏洞源于ArrayBuffer水合过程未检查输入假设，可能导致拒绝服务。

Description (English)

Svelte is a new method of building Web applications from the Svelte Open Source. Sverete, versions 5.1.0 to 5.6.1, had a security loophole, which stemmed from the non-checking of input assumptions in the Array Buffer hydrate process and could lead to the denial of services.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Svelte

Published

2026-01-15

Last Modified

2026-02-24

References

https://github.com/sveltejs/devalue/commit/11755849fa0634ae294a15ec0aef2f43efcad7c4 https://github.com/sveltejs/devalue/releases/tag/v5.6.2 https://github.com/sveltejs/devalue/security/advisories/GHSA-g2pg-6438-jwpf

Patch

https://github.com/sveltejs/devalue/releases