CVE-2024-13903 quickjs-ng QuickJS qjs quickjs.c JS_GetRuntime stack-based overflow

🗓️ 21 Mar 2025 07:00:14Reported by VulDBType

Vulnerability in quickjs-ng QuickJS up to 0.8.0 causes stack-based overflow, upgrade to 0.9.0.

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2024-13903	21 Mar 202507:19	–	circl
CNNVD	QuickJS 安全漏洞	21 Mar 202500:00	–	cnnvd
CVE	CVE-2024-13903	21 Mar 202507:00	–	cve
Debian CVE	CVE-2024-13903	21 Mar 202507:00	–	debiancve
EUVD	EUVD-2025-7259	3 Oct 202520:07	–	euvd
NVD	CVE-2024-13903	21 Mar 202507:15	–	nvd
OSV	DEBIAN-CVE-2024-13903	21 Mar 202507:15	–	osv
OSV	UBUNTU-CVE-2024-13903	21 Mar 202507:15	–	osv
RedhatCVE	CVE-2024-13903	21 Mar 202511:28	–	redhatcve
UbuntuCve	CVE-2024-13903	21 Mar 202500:00	–	ubuntucve

[
  {
    "vendor": "quickjs-ng",
    "product": "QuickJS",
    "versions": [
      {
        "version": "0.1",
        "status": "affected"
      },
      {
        "version": "0.2",
        "status": "affected"
      },
      {
        "version": "0.3",
        "status": "affected"
      },
      {
        "version": "0.4",
        "status": "affected"
      },
      {
        "version": "0.5",
        "status": "affected"
      },
      {
        "version": "0.6",
        "status": "affected"
      },
      {
        "version": "0.7",
        "status": "affected"
      },
      {
        "version": "0.8",
        "status": "affected"
      }
    ],
    "modules": [
      "qjs"
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
github	www.github.com/quickjs-ng/quickjs/issues/775
github	www.github.com/quickjs-ng/quickjs/commit/99c02eb45170775a9a679c32b45dd4000ea67aff
github	www.github.com/quickjs-ng/quickjs/releases/tag/v0.9.0
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

21 Mar 2025 07:00Current

CVSS 3.14.3

CVSS 34.3

CVSS 25

CVSS 45.3

EPSS0.0066

vulnerability quickjs-ng stack-based overflow upgrade 0.9.0