13 matches found
EUVD-2025-11857
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-48183
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - QuickJS before c4cdd61 has a build_for_in_iterator NULL pointer dereference because of an erroneous lexical scope of "this" with eval. CVE-2023-48183 Note that Nessu...
CVE-2025-32792 ses's global contour bindings leak into Compartment lexical scope
SES safely executes third-party JavaScript 'strict' mode programs in compartments that have no excess authority in their global scope. Prior to version 1.12.0, web pages and web extensions using ses and the Compartment API to evaluate third-party code in an isolated execution environment that hav...
GHSA-H9W6-F932-GQ62 ses's global contour bindings leak into Compartment lexical scope
Impact: Web pages and web extensions using ses and the Compartment API to evaluate third-party code in an isolated execution environment that have also elsewhere used const, let, and class bindings in the top-level scope of a `<script>` tag will have inadvertently revealed these bindings in the lexical scope...
NULL Pointer Dereference
Overview: Affected versions of this package are vulnerable to NULL Pointer Dereference due to an erroneous lexical scope of "this" with eval. An attacker can cause a denial of service or potentially execute arbitrary code by triggering a NULL pointer dereference. PoC c function foo function Bar clas...
CVE-2023-48183
QuickJS before c4cdd61 has a build_for_in_iterator NULL pointer dereference because of an erroneous lexical scope of "this" with eval...
CVE-2023-48183
QuickJS before c4cdd61 has a build_for_in_iterator NULL pointer dereference because of an erroneous lexical scope of "this" with eval...
CVE-2023-48183
QuickJS before c4cdd61 has a build_for_in_iterator NULL pointer dereference because of an erroneous lexical scope of "this" with eval...
UBUNTU-CVE-2023-48183
QuickJS before c4cdd61 has a build_for_in_iterator NULL pointer dereference because of an erroneous lexical scope of "this" with eval...
CVE-2023-48183
CVE-2023-48183 affects QuickJS prior to commit c4cdd61. The vulnerability stems from an erroneous lexical scope of the value of this with eval, causing a NULL pointer dereference in build_for_in_iterator. Documented impact includes possible crashes/denial of service and potential arbitrary code e...
CVE-2023-48183
QuickJS before c4cdd61 has a build_for_in_iterator NULL pointer dereference because of an erroneous lexical scope of "this" with eval...
CVE-2023-48183
QuickJS before c4cdd61 has a build_for_in_iterator NULL pointer dereference because of an erroneous lexical scope of "this" with eval...
[SECURITY] Fedora 35 Update: golang-starlark-0-0.7.20210113gite81fc95.fc35
Starlark is a dialect of Python intended for use as a configuration language. Like Python, it is an untyped dynamic language with high-level data types, first-class functions with lexical scope, and garbage collection. Unlike CPython, independent Starlark threads execute in parallel, so Starlark...