Описание
quickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadBigInt for a BigInt, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| noble | needs-triage | |
| oracular | needs-triage | |
| plucky | needs-triage | |
| upstream | needs-triage |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 4%
0.00022
Низкий
5.6 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.6
nvd
около 2 месяцев назад
quickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadBigInt for a BigInt, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.
CVSS3: 5.6
debian
около 2 месяцев назад
quickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadB ...
CVSS3: 5.6
github
около 2 месяцев назад
quickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadBigInt for a BigInt, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.
EPSS
Процентиль: 4%
0.00022
Низкий
5.6 Medium
CVSS3