CVE-2025-69653
- EPSS 0.22%
- Veröffentlicht 06.03.2026 00:00:00
- Zuletzt bearbeitet 02.06.2026 18:40:18
A crafted JavaScript input can trigger an internal assertion failure in QuickJS release 2025-09-13, fixed in commit 1dbba8a88eaa40d15a8a9b70bb1a0b8fb5b552e6 (2025-12-11), in file gc_decref_child in quickjs.c, when executed with the qjs interpreter us...
CVE-2025-69654
- EPSS 0.28%
- Veröffentlicht 06.03.2026 00:00:00
- Zuletzt bearbeitet 02.06.2026 18:40:28
A crafted JavaScript input executed with the QuickJS release 2025-09-13, fixed in commit fcd33c1afa7b3028531f53cd1190a3877454f6b3 (2025-12-11),`qjs` interpreter using the `-m` option and a low memory limit can cause an out-of-memory condition followe...
CVE-2025-62496
- EPSS 0.44%
- Veröffentlicht 16.10.2025 15:52:05
- Zuletzt bearbeitet 28.10.2025 18:17:32
A vulnerability exists in the QuickJS engine's BigInt string parsing logic (js_bigint_from_string) when attempting to create a BigInt from a string with an excessively large number of digits. The function calculates the necessary number of bits (n_b...
CVE-2025-62495
- EPSS 0.42%
- Veröffentlicht 16.10.2025 15:51:58
- Zuletzt bearbeitet 29.10.2025 18:56:54
An integer overflow vulnerability exists in the QuickJS regular expression engine (libregexp) due to an inconsistent representation of the bytecode buffer size. * The regular expression bytecode is stored in a DynBuf structure, which correctly us...
CVE-2025-62494
- EPSS 0.47%
- Veröffentlicht 16.10.2025 15:51:50
- Zuletzt bearbeitet 29.10.2025 18:58:16
A type confusion vulnerability exists in the handling of the string addition (+) operation within the QuickJS engine. * The code first checks if the left-hand operand is a string. * It then attempts to convert the right-hand operand to a pri...
CVE-2025-62493
- EPSS 0.35%
- Veröffentlicht 16.10.2025 15:51:42
- Zuletzt bearbeitet 29.10.2025 18:59:51
A vulnerability exists in the QuickJS engine's BigInt string conversion logic (js_bigint_to_string1) due to an incorrect calculation of the required number of digits, which in turn leads to reading memory past the allocated BigInt structure. * Th...
CVE-2025-62492
- EPSS 0.36%
- Veröffentlicht 16.10.2025 15:51:34
- Zuletzt bearbeitet 30.10.2025 16:21:28
A vulnerability stemming from floating-point arithmetic precision errors exists in the QuickJS engine's implementation of TypedArray.prototype.indexOf() when a negative fromIndex argument is supplied. * The fromIndex argument (read as a double va...
CVE-2025-62491
- EPSS 0.37%
- Veröffentlicht 16.10.2025 15:51:24
- Zuletzt bearbeitet 30.10.2025 16:27:28
A Use-After-Free (UAF) vulnerability exists in the QuickJS engine's standard library when iterating over the global list of unhandled rejected promises (ts->rejected_promise_list). * The function js_std_promise_rejection_check attempts to iterate...
CVE-2025-62490
- EPSS 0.37%
- Veröffentlicht 16.10.2025 15:51:06
- Zuletzt bearbeitet 30.10.2025 16:29:11
In quickjs, in js_print_object, when printing an array, the function first fetches the array length and then loops over it. The issue is, printing a value is not side-effect free. An attacker-defined callback could run during js_print_value, during w...
CVE-2025-46687
- EPSS 0.25%
- Veröffentlicht 27.04.2025 00:00:00
- Zuletzt bearbeitet 14.01.2026 17:30:17
quickjs-ng through 0.9.0 has a missing length check in JS_ReadString for a string, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.