Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2026-1144

Опубликовано: 19 янв. 2026
Источник: debian
EPSS Низкий

Описание

A vulnerability was detected in quickjs-ng quickjs up to 0.11.0. Affected is an unknown function of the file quickjs.c of the component Atomics Ops Handler. The manipulation results in use after free. The attack can be executed remotely. The exploit is now public and may be used. The patch is identified as ea3e9d77454e8fc9cb3ef3c504e9c16af5a80141. Applying a patch is advised to resolve this issue.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
quickjsunfixedpackage
quickjsno-dsatrixiepackage
quickjsno-dsabookwormpackage

Примечания

  • https://github.com/quickjs-ng/quickjs/issues/1301

  • https://github.com/quickjs-ng/quickjs/issues/1302

  • https://github.com/quickjs-ng/quickjs/pull/1303

  • https://github.com/quickjs-ng/quickjs/commit/ea3e9d77454e8fc9cb3ef3c504e9c16af5a80141

EPSS

Процентиль: 18%
0.00057
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2026-1144

CVSS3: 6.3
ubuntu
20 дней назад

A vulnerability was detected in quickjs-ng quickjs up to 0.11.0. Affected is an unknown function of the file quickjs.c of the component Atomics Ops Handler. The manipulation results in use after free. The attack can be executed remotely. The exploit is now public and may be used. The patch is identified as ea3e9d77454e8fc9cb3ef3c504e9c16af5a80141. Applying a patch is advised to resolve this issue.

nvd логотип

CVE-2026-1144

CVSS3: 6.3
nvd
20 дней назад

A vulnerability was detected in quickjs-ng quickjs up to 0.11.0. Affected is an unknown function of the file quickjs.c of the component Atomics Ops Handler. The manipulation results in use after free. The attack can be executed remotely. The exploit is now public and may be used. The patch is identified as ea3e9d77454e8fc9cb3ef3c504e9c16af5a80141. Applying a patch is advised to resolve this issue.

github логотип

GHSA-2gmr-vqp5-r9qg

CVSS3: 6.3
github
19 дней назад

A vulnerability was detected in quickjs-ng quickjs up to 0.11.0. Affected is an unknown function of the file quickjs.c of the component Atomics Ops Handler. The manipulation results in use after free. The attack can be executed remotely. The exploit is now public and may be used. The patch is identified as ea3e9d77454e8fc9cb3ef3c504e9c16af5a80141. Applying a patch is advised to resolve this issue.

EPSS

Процентиль: 18%
0.00057
Низкий