Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
janet-lang janet handleattr specials.c janetc_varset out-of-bounds
Vulnerability Description
A vulnerability was identified in janet-lang janet up to 1.40.1. Affected by this vulnerability is the function janetc_varset of the file src/core/specials.c of the component handleattr Handler. The manipulation leads to out-of-bounds read. The attack can only be performed from a local environment. The exploit is publicly available and might be used. Upgrading to version 1.41.0 addresses this issue. The identifier of the patch is 2fabc80151a2b8834ee59cda8a70453f848b40e5. The affected component should be upgraded.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
跨界内存读
Vulnerability Title
Janet 缓冲区错误漏洞
Vulnerability Description
Janet是Janet Language开源的一种函数式和命令式编程语言和字节码解释器。 janet-lang janet 1.40.1及之前版本存在缓冲区错误漏洞,该漏洞源于src/core/specials.c文件中janetc_varset函数存在越界读取。
CVSS Information
N/A
Vulnerability Type
N/A