3784 matches found
CVE-2025-69654
A crafted JavaScript input executed with the QuickJS release 2025-09-13, fixed in commit fcd33c1afa7b3028531f53cd1190a3877454f6b3 2025-12-11,qjs interpreter using the -m option and a low memory limit can cause an out-of-memory condition followed by an assertion failure in JSFreeRuntime...
EUVD-2025-208349
A crafted JavaScript input can trigger an internal assertion failure in QuickJS release 2025-09-13, fixed in commit 1dbba8a88eaa40d15a8a9b70bb1a0b8fb5b552e6 2025-12-11, in file gcdecrefchild in quickjs.c, when executed with the qjs interpreter using the -m option. This leads to an abort SIGABRT...
EUVD-2025-208350
A crafted JavaScript input executed with the QuickJS release 2025-09-13, fixed in commit fcd33c1afa7b3028531f53cd1190a3877454f6b3 2025-12-11,qjs interpreter using the -m option and a low memory limit can cause an out-of-memory condition followed by an assertion failure in JSFreeRuntime...
DEBIAN-CVE-2025-69654
A crafted JavaScript input executed with the QuickJS release 2025-09-13, fixed in commit fcd33c1afa7b3028531f53cd1190a3877454f6b3 2025-12-11,qjs interpreter using the -m option and a low memory limit can cause an out-of-memory condition followed by an assertion failure in JSFreeRuntime...
UBUNTU-CVE-2025-69654
A crafted JavaScript input executed with the QuickJS release 2025-09-13, fixed in commit fcd33c1afa7b3028531f53cd1190a3877454f6b3 2025-12-11,qjs interpreter using the -m option and a low memory limit can cause an out-of-memory condition followed by an assertion failure in JSFreeRuntime...
CVE-2025-69654
A crafted JavaScript input executed with the QuickJS release 2025-09-13, fixed in commit fcd33c1afa7b3028531f53cd1190a3877454f6b3 2025-12-11,qjs interpreter using the -m option and a low memory limit can cause an out-of-memory condition followed by an assertion failure in JSFreeRuntime...
DEBIAN-CVE-2025-69653
A crafted JavaScript input can trigger an internal assertion failure in QuickJS release 2025-09-13, fixed in commit 1dbba8a88eaa40d15a8a9b70bb1a0b8fb5b552e6 2025-12-11, in file gcdecrefchild in quickjs.c, when executed with the qjs interpreter using the -m option. This leads to an abort SIGABRT...
UBUNTU-CVE-2025-69653
A crafted JavaScript input can trigger an internal assertion failure in QuickJS release 2025-09-13, fixed in commit 1dbba8a88eaa40d15a8a9b70bb1a0b8fb5b552e6 2025-12-11, in file gcdecrefchild in quickjs.c, when executed with the qjs interpreter using the -m option. This leads to an abort SIGABRT...
CVE-2025-69653
A crafted JavaScript input can trigger an internal assertion failure in QuickJS release 2025-09-13, fixed in commit 1dbba8a88eaa40d15a8a9b70bb1a0b8fb5b552e6 2025-12-11, in file gcdecrefchild in quickjs.c, when executed with the qjs interpreter using the -m option. This leads to an abort SIGABRT...
QuickJS 安全漏洞
QuickJS is a small and embeddable JavaScript engine developed by the QuickJS open-source project. The QuickJS 2025-09-13 version contains a security vulnerability. This vulnerability stems from a garbage collection internal assertion failure when processing specially crafted JavaScript inputs,...
CVE-2025-69654
A crafted JavaScript input executed with the QuickJS release 2025-09-13, fixed in commit fcd33c1afa7b3028531f53cd1190a3877454f6b3 2025-12-11,qjs interpreter using the -m option and a low memory limit can cause an out-of-memory condition followed by an assertion failure in JSFreeRuntime...
CVE-2025-69653
A crafted JavaScript input can trigger an internal assertion failure in QuickJS release 2025-09-13, fixed in commit 1dbba8a88eaa40d15a8a9b70bb1a0b8fb5b552e6 2025-12-11, in file gcdecrefchild in quickjs.c, when executed with the qjs interpreter using the -m option. This leads to an abort SIGABRT...
PT-2026-23748
Name of the Vulnerable Software and Affected Versions QuickJS versions 2025-09-13 through 2025-12-11 Description A specially crafted JavaScript input, when executed with the qjs interpreter using the -m option and a limited memory allocation, can lead to an out-of-memory condition. This is follow...
CVE-2025-69653
A crafted JavaScript input can trigger an internal assertion failure in QuickJS release 2025-09-13, fixed in commit 1dbba8a88eaa40d15a8a9b70bb1a0b8fb5b552e6 2025-12-11, in file gcdecrefchild in quickjs.c, when executed with the qjs interpreter using the -m option. This leads to an abort SIGABRT...
CVE-2025-69654
A crafted JavaScript input executed with the QuickJS release 2025-09-13, fixed in commit fcd33c1afa7b3028531f53cd1190a3877454f6b3 2025-12-11,qjs interpreter using the -m option and a low memory limit can cause an out-of-memory condition followed by an assertion failure in JSFreeRuntime...
CVE-2025-69653
A crafted JavaScript input can trigger an internal assertion failure in QuickJS release 2025-09-13, fixed in commit 1dbba8a88eaa40d15a8a9b70bb1a0b8fb5b552e6 2025-12-11, in file gcdecrefchild in quickjs.c, when executed with the qjs interpreter using the -m option. This leads to an abort SIGABRT...
CVE-2025-69653
CVE-2025-69653 affects QuickJS: when using the qjs interpreter with the -m option, a crafted JavaScript input can trigger an internal assertion in gc_decref_child (quickjs.c), causing an abort (SIGABRT) during garbage collection and a denial‑of‑service. The issue is fixed in commit 1dbba8a88eaa40...
SUSE CVE-2026-27623
Valkey is a distributed key-value database. Starting in version 9.0.0 and prior to version 9.0.3, a malicious actor with network access to Valkey can cause the system to abort by triggering an assertion. When processing incoming requests, the Valkey system does not properly reset the networking...
CVE-2026-21864
CVE-2026-21864 affects Valkey-Bloom (a Rust module for Valkey KV) where a crafted RESTORE command can trigger a server shutdown due to an assertion during RDB parsing if the VALKEYMODULE_OPTIONS_HANDLE_IO_ERRORS flag is not set. The issue existed despite the module handling parsing; a patch (comm...
CVE-2026-2523
Open5GS Open5GS (up to 2.7.6) is affected in the SMF path, specifically the smf_gn_handle_create_pdp_context_request function in src/smf/gn-handler.c. The issue is a manipulation that leads to a reachable assertion, allowing remote exploitation. Public exploits exist and disclosure occurred with ...