Quickjs Project

Quickjs

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-62496

Exploit
  • EPSS 0.04%
  • Veröffentlicht 16.10.2025 15:52:05
  • Zuletzt bearbeitet 28.10.2025 18:17:32

A vulnerability exists in the QuickJS engine's BigInt string parsing logic (js_bigint_from_string) when attempting to create a BigInt from a string with an excessively large number of digits. The function calculates the necessary number of bits (n_b...

8.8

CVE-2025-62495

Exploit
  • EPSS 0.04%
  • Veröffentlicht 16.10.2025 15:51:58
  • Zuletzt bearbeitet 29.10.2025 18:56:54

An integer overflow vulnerability exists in the QuickJS regular expression engine (libregexp) due to an inconsistent representation of the bytecode buffer size. * The regular expression bytecode is stored in a DynBuf structure, which correctly us...

8.8

CVE-2025-62494

Exploit
  • EPSS 0.03%
  • Veröffentlicht 16.10.2025 15:51:50
  • Zuletzt bearbeitet 29.10.2025 18:58:16

A type confusion vulnerability exists in the handling of the string addition (+) operation within the QuickJS engine. * The code first checks if the left-hand operand is a string. * It then attempts to convert the right-hand operand to a pri...

6.5

CVE-2025-62493

Exploit
  • EPSS 0.03%
  • Veröffentlicht 16.10.2025 15:51:42
  • Zuletzt bearbeitet 29.10.2025 18:59:51

A vulnerability exists in the QuickJS engine's BigInt string conversion logic (js_bigint_to_string1) due to an incorrect calculation of the required number of digits, which in turn leads to reading memory past the allocated BigInt structure. * Th...

6.5

CVE-2025-62492

Exploit
  • EPSS 0.02%
  • Veröffentlicht 16.10.2025 15:51:34
  • Zuletzt bearbeitet 30.10.2025 16:21:28

A vulnerability stemming from floating-point arithmetic precision errors exists in the QuickJS engine's implementation of TypedArray.prototype.indexOf() when a negative fromIndex argument is supplied. * The fromIndex argument (read as a double va...

8.8

CVE-2025-62491

Exploit
  • EPSS 0.03%
  • Veröffentlicht 16.10.2025 15:51:24
  • Zuletzt bearbeitet 30.10.2025 16:27:28

A Use-After-Free (UAF) vulnerability exists in the QuickJS engine's standard library when iterating over the global list of unhandled rejected promises (ts->rejected_promise_list). * The function js_std_promise_rejection_check attempts to iterate...

8.8

CVE-2025-62490

Exploit
  • EPSS 0.03%
  • Veröffentlicht 16.10.2025 15:51:06
  • Zuletzt bearbeitet 30.10.2025 16:29:11

In quickjs, in js_print_object, when printing an array, the function first fetches the array length and then loops over it. The issue is, printing a value is not side-effect free. An attacker-defined callback could run during js_print_value, during w...

7.8

CVE-2025-46687

Exploit
  • EPSS 0.04%
  • Veröffentlicht 27.04.2025 00:00:00
  • Zuletzt bearbeitet 14.01.2026 17:30:17

quickjs-ng through 0.9.0 has a missing length check in JS_ReadString for a string, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.

8.4

CVE-2025-46688

Exploit
  • EPSS 0.03%
  • Veröffentlicht 27.04.2025 00:00:00
  • Zuletzt bearbeitet 30.05.2025 16:29:54

quickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadBigInt for a BigInt, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.

7.5

CVE-2023-48183

Exploit
  • EPSS 0.05%
  • Veröffentlicht 23.04.2024 07:15:42
  • Zuletzt bearbeitet 15.10.2025 14:53:54

QuickJS before c4cdd61 has a build_for_in_iterator NULL pointer dereference because of an erroneous lexical scope of "this" with eval.