Описание
quickjs-ng through 0.9.0 has a missing length check in JS_ReadString for a string, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.
Ссылки
EPSS
Процентиль: 3%
0.00019
Низкий
5.6 Medium
CVSS3
Дефекты
CWE-770
Связанные уязвимости
CVSS3: 5.6
ubuntu
около 2 месяцев назад
quickjs-ng through 0.9.0 has a missing length check in JS_ReadString for a string, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.
CVSS3: 5.6
debian
около 2 месяцев назад
quickjs-ng through 0.9.0 has a missing length check in JS_ReadString f ...
CVSS3: 5.6
github
около 2 месяцев назад
quickjs-ng through 0.9.0 has a missing length check in JS_ReadString for a string, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.
EPSS
Процентиль: 3%
0.00019
Низкий
5.6 Medium
CVSS3
Дефекты
CWE-770