CNNVD-202602-1325 Information
CNNVD ID
CNNVD-202602-1325
Related CVE
- CNNVD Published: 2026-02-09
Description (Chinese)
Janet是Janet Language开源的一种函数式和命令式编程语言和字节码解释器。 Janet 1.40.1及之前版本存在缓冲区错误漏洞,该漏洞源于函数os_strftime存在越界读取,可能导致信息泄露。
Description (English)
Janet is a functional and command-based programming language and byte code interpreter for the Janet Language Open Source. Janet 1.40.1 and previous versions had an error loophole in the buffer zone, which stemmed from the cross-border reading of the function Os strftime, which could lead to the disclosure of information.
Hazard Level
Critical
Vulnerability Type
缓冲区错误
Affected Vendor
Janet Language
Published
2026-02-09
Last Modified
2026-02-24
References
https://github.com/janet-lang/janet/ https://github.com/janet-lang/janet/commit/0f285855f0e34f9183956be5f16e045f54626bff https://github.com/janet-lang/janet/issues/1701 https://github.com/janet-lang/janet/issues/1701#event-4446770461 https://github.com/oneafter/0123/blob/main/ja3/repro https://vuldb.com/?ctiid.344980 https://vuldb.com/?id.344980 https://vuldb.com/?submit.753156
Share on: