CVE-2025-46687

Опубликовано: 27 апр. 2025

Источник: ubuntu

Приоритет: medium

CVSS3: 5.6

Описание

quickjs-ng through 0.9.0 has a missing length check in JS_ReadString for a string, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.

Релиз	Статус	Примечание
devel	needs-triage
esm-apps/noble	needs-triage
esm-infra/focal	DNE
focal	DNE
jammy	DNE
noble	needs-triage
oracular	needs-triage
plucky	needs-triage
upstream	needs-triage

Показывать по

Ссылки на источники

5.6 Medium

CVSS3

Связанные уязвимости

CVE-2025-46687

CVSS3: 5.6

nvd

около 2 месяцев назад

quickjs-ng through 0.9.0 has a missing length check in JS_ReadString for a string, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.

CVE-2025-46687

CVSS3: 5.6

debian

около 2 месяцев назад

quickjs-ng through 0.9.0 has a missing length check in JS_ReadString f ...

GHSA-hrc5-3jpv-g9x2

CVSS3: 5.6

github

около 2 месяцев назад

quickjs-ng through 0.9.0 has a missing length check in JS_ReadString for a string, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.

5.6 Medium

CVSS3

CVE-2025-46687

Описание

Пакет quickjs

Ссылки на источники

Связанные уязвимости