4 matches found
CVE-2026-2869
CVE-2026-2869 affects janet-lang/janet up to 1.40.1. The exposed vulnerability is in the function janetc_varset within src/core/specials.c of the handleattr Handler, leading to an out-of-bounds read. Exploitation is local-only; the exploit is publicly available. Mitigation is upgrading to version...
Incorrect Authorization
Overview: Affected versions of this package are vulnerable to Incorrect Authorization in the updateChannelAction function, which does not sufficiently check user permissions before executing a delete operation. Any user can delete posts containing actions posted by the Playbooks bot. Remediation...
PT-2024-22150 · Deno · Deno
Name of the Vulnerable Software and Affected Versions: Deno versions 1.32.1 through 1.40.x Description: A maliciously crafted permission request can show a spoofed permission prompt by inserting a broken ANSI escape sequence into the request contents. Deno strips any ANSI escape sequences from th...
PT-2020-4061 · Nghttp2 +9 · Nghttp2 +9
Name of the Vulnerable Software and Affected Versions: nghttp2 versions prior to 1.41.0 Description: The issue is related to the handling of HTTP/2 SETTINGS frames in nghttp2, where an overly large frame payload can cause a denial of service. A malicious client can construct a SETTINGS frame with...