Quickjs Project

Quickjs

15 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 0.22%
  • Veröffentlicht 06.03.2026 00:00:00
  • Zuletzt bearbeitet 02.06.2026 18:40:18

A crafted JavaScript input can trigger an internal assertion failure in QuickJS release 2025-09-13, fixed in commit 1dbba8a88eaa40d15a8a9b70bb1a0b8fb5b552e6 (2025-12-11), in file gc_decref_child in quickjs.c, when executed with the qjs interpreter us...

Exploit
  • EPSS 0.28%
  • Veröffentlicht 06.03.2026 00:00:00
  • Zuletzt bearbeitet 02.06.2026 18:40:28

A crafted JavaScript input executed with the QuickJS release 2025-09-13, fixed in commit fcd33c1afa7b3028531f53cd1190a3877454f6b3 (2025-12-11),`qjs` interpreter using the `-m` option and a low memory limit can cause an out-of-memory condition followe...

Exploit
  • EPSS 0.44%
  • Veröffentlicht 16.10.2025 15:52:05
  • Zuletzt bearbeitet 28.10.2025 18:17:32

A vulnerability exists in the QuickJS engine's BigInt string parsing logic (js_bigint_from_string) when attempting to create a BigInt from a string with an excessively large number of digits. The function calculates the necessary number of bits (n_b...

Exploit
  • EPSS 0.42%
  • Veröffentlicht 16.10.2025 15:51:58
  • Zuletzt bearbeitet 29.10.2025 18:56:54

An integer overflow vulnerability exists in the QuickJS regular expression engine (libregexp) due to an inconsistent representation of the bytecode buffer size. * The regular expression bytecode is stored in a DynBuf structure, which correctly us...

Exploit
  • EPSS 0.47%
  • Veröffentlicht 16.10.2025 15:51:50
  • Zuletzt bearbeitet 29.10.2025 18:58:16

A type confusion vulnerability exists in the handling of the string addition (+) operation within the QuickJS engine. * The code first checks if the left-hand operand is a string. * It then attempts to convert the right-hand operand to a pri...

Exploit
  • EPSS 0.35%
  • Veröffentlicht 16.10.2025 15:51:42
  • Zuletzt bearbeitet 29.10.2025 18:59:51

A vulnerability exists in the QuickJS engine's BigInt string conversion logic (js_bigint_to_string1) due to an incorrect calculation of the required number of digits, which in turn leads to reading memory past the allocated BigInt structure. * Th...

Exploit
  • EPSS 0.36%
  • Veröffentlicht 16.10.2025 15:51:34
  • Zuletzt bearbeitet 30.10.2025 16:21:28

A vulnerability stemming from floating-point arithmetic precision errors exists in the QuickJS engine's implementation of TypedArray.prototype.indexOf() when a negative fromIndex argument is supplied. * The fromIndex argument (read as a double va...

Exploit
  • EPSS 0.37%
  • Veröffentlicht 16.10.2025 15:51:24
  • Zuletzt bearbeitet 30.10.2025 16:27:28

A Use-After-Free (UAF) vulnerability exists in the QuickJS engine's standard library when iterating over the global list of unhandled rejected promises (ts->rejected_promise_list). * The function js_std_promise_rejection_check attempts to iterate...

Exploit
  • EPSS 0.37%
  • Veröffentlicht 16.10.2025 15:51:06
  • Zuletzt bearbeitet 30.10.2025 16:29:11

In quickjs, in js_print_object, when printing an array, the function first fetches the array length and then loops over it. The issue is, printing a value is not side-effect free. An attacker-defined callback could run during js_print_value, during w...

Exploit
  • EPSS 0.25%
  • Veröffentlicht 27.04.2025 00:00:00
  • Zuletzt bearbeitet 14.01.2026 17:30:17

quickjs-ng through 0.9.0 has a missing length check in JS_ReadString for a string, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.