Description
Janet before 1.22.0 mishandles arrays.
References (3)
Core 3
Core References
Third Party Advisory x_refsource_misc
https://github.com/janet-lang/janet/compare/v1.21.1...v1.22.0
Release Notes, Third Party Advisory x_refsource_misc
https://github.com/janet-lang/janet/releases/tag/v1.22.0
Exploit, Technical Description, Third Party Advisory x_refsource_misc
https://blog.convisoappsec.com/en/bug-hunting-in-the-janet-language-interpreter/
Scores
CVSS v3
7.5
EPSS
0.0083
EPSS Percentile
74.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-129
Status
published
Products (1)
janet-lang/janet
< 1.22.0
Published
May 16, 2022
Tracked Since
Feb 18, 2026