CNNVD-202602-1331 Information
CNNVD ID
CNNVD-202602-1331
Related CVE
- CNNVD Published: 2026-02-09
Description (Chinese)
Janet是Janet Language开源的一种函数式和命令式编程语言和字节码解释器。 Janet 1.40.1及之前版本存在缓冲区错误漏洞,该漏洞源于函数janetc_pop_funcdef存在越界读取,可能导致信息泄露。
Description (English)
Janet is a functional and command-based programming language and byte code interpreter for the Janet Language Open Source. Janet 1.40.1 and previous versions had an error loophole in the buffer zone, which stemmed from the presence of the function janetc pop funcdef, which could lead to a leak of information, which was read across borders.
Hazard Level
Critical
Vulnerability Type
缓冲区错误
Affected Vendor
Janet Language
Published
2026-02-09
Last Modified
2026-02-24
References
https://github.com/janet-lang/janet/ https://github.com/janet-lang/janet/commit/4dd08a4cdef5b1c42d9a2c19fc24412e97ef51d5 https://github.com/janet-lang/janet/issues/1702 https://github.com/janet-lang/janet/issues/1702#issuecomment-3790473369 https://github.com/oneafter/0123/blob/main/ja4/repro https://vuldb.com/?ctiid.344979 https://vuldb.com/?id.344979 https://vuldb.com/?submit.753155
Share on: