CVE-2023-48184

Опубликовано: 23 апр. 2024

Источник: debian

EPSS Низкий

Описание

QuickJS before 7414e5f has a quickjs.h JS_FreeValueRT use-after-free because of incorrect garbage collection of async functions with closures.

Пакет	Статус	Версия исправления	Релиз	Тип
quickjs	fixed	2024.01.13-1		package

https://github.com/bellard/quickjs/issues/198
https://github.com/bellard/quickjs/issues/156
https://github.com/bellard/quickjs/commit/7414e5f67f9a404f3cf91ffa69d0c93bf46d099e

EPSS

Процентиль: 6%

0.00023

Низкий

CVE-2023-48184

CVSS3: 3.9

ubuntu

почти 2 года назад

QuickJS before 7414e5f has a quickjs.h JS_FreeValueRT use-after-free because of incorrect garbage collection of async functions with closures.

CVE-2023-48184

CVSS3: 3.9

nvd

почти 2 года назад

QuickJS before 7414e5f has a quickjs.h JS_FreeValueRT use-after-free because of incorrect garbage collection of async functions with closures.

GHSA-px9h-hqw8-r2j9

CVSS3: 3.9

github

почти 2 года назад

QuickJS before 7414e5f has a quickjs.h JS_FreeValueRT use-after-free because of incorrect garbage collection of async functions with closures.

EPSS

Процентиль: 6%

0.00023

Низкий