Lucene search
K

10 matches found

CVE
CVE
added 2026/06/19 6:14 p.m.14 views

CVE-2026-49293

CVE-2026-49293 affects js-toml up to v1.1.0. The parsing of hexadecimal/octal/binary integer literals uses a hand-written parseBigInt loop that multiplies the BigInt accumulator by the radix for every digit, yielding an O(n^2) time complexity in the length of the literal. A single TOML document c...

7.5CVSS5.8AI score0.00415EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2025/10/16 6:30 p.m.6 views

EUVD-2025-34778

A vulnerability exists in the QuickJS engine's BigInt string parsing logic jsbigintfromstring when attempting to create a BigInt from a string with an excessively large number of digits. The function calculates the necessary number of bits nbits required to store the BigInt using the formula:...

7.1CVSS6.6AI score0.00437EPSS
Exploits1References3
NVD
NVD
added 2025/10/16 4:15 p.m.3 views

CVE-2025-62496

A vulnerability exists in the QuickJS engine's BigInt string parsing logic jsbigintfromstring when attempting to create a BigInt from a string with an excessively large number of digits. The function calculates the necessary number of bits nbits required to store the BigInt using the formula:...

8.8CVSS0.00437EPSS
Exploits1References2
OSV
OSV
added 2025/10/16 4:15 p.m.4 views

DEBIAN-CVE-2025-62496

A vulnerability exists in the QuickJS engine's BigInt string parsing logic jsbigintfromstring when attempting to create a BigInt from a string with an excessively large number of digits. The function calculates the necessary number of bits nbits required to store the BigInt using the formula:...

8.8CVSS5.6AI score0.00437EPSS
Exploits1References1
OSV
OSV
added 2025/10/16 4:15 p.m.3 views

UBUNTU-CVE-2025-62496

A vulnerability exists in the QuickJS engine's BigInt string parsing logic jsbigintfromstring when attempting to create a BigInt from a string with an excessively large number of digits. The function calculates the necessary number of bits nbits required to store the BigInt using the formula:...

8.8CVSS6AI score0.00437EPSS
Exploits1References4
AlpineLinux
AlpineLinux
added 2025/10/16 3:52 p.m.3 views

CVE-2025-62496

A vulnerability exists in the QuickJS engine's BigInt string parsing logic jsbigintfromstring when attempting to create a BigInt from a string with an excessively large number of digits. The function calculates the necessary number of bits nbits required to store the BigInt using the formula:...

8.8CVSS6.8AI score0.00437EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/10/16 3:52 p.m.3 views

CVE-2025-62496 Integer overflow in js_bigint_from_string in QuickJS

A vulnerability exists in the QuickJS engine's BigInt string parsing logic jsbigintfromstring when attempting to create a BigInt from a string with an excessively large number of digits. The function calculates the necessary number of bits nbits required to store the BigInt using the formula:...

7.1CVSS6.8AI score0.00437EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2025/10/16 3:52 p.m.4 views

CVE-2025-62496

A vulnerability exists in the QuickJS engine's BigInt string parsing logic jsbigintfromstring when attempting to create a BigInt from a string with an excessively large number of digits. The function calculates the necessary number of bits nbits required to store the BigInt using the formula:...

8.8CVSS5.6AI score0.00437EPSS
Exploits1
CVE
CVE
added 2025/10/16 3:52 p.m.21 views

CVE-2025-62496

The CVE refers to QuickJS: BigInt parsing in js_bigint_from_string. When converting a decimal string with an extremely large number of digits, the code computes n_bits as (n_digits × 27 + 7) / 8. For very large inputs (e.g., tens of millions of digits), this intermediate value overflows a 32-bit ...

8.8CVSS6.8AI score0.00437EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2025/10/16 12:0 a.m.4 views

QuickJS 安全漏洞

QuickJS is a small and embeddable Javascript engine open-sourced by QuickJS. A security vulnerability exists in QuickJS that stems from an integer overflow in the BigInt string parsing logic, which could result in a heap out-of-bounds write...

8.8CVSS6.8AI score0.00437EPSS
Exploits1References2
Rows per page
Query Builder