Quickjs Security Vulnerabilities and Issues — Quickjs CVE List

Lucene search

Quickjs ProjectQuickjs

4 matches found

CVE•added 2025/04/27 8:15 p.m.•47 views

CVE-2025-46688

quickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadBigInt for a BigInt, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.

8.4CVSS5.7AI score0.00023EPSS

CVE•added 2025/04/27 8:15 p.m.•40 views

CVE-2025-46687

quickjs-ng through 0.9.0 has a missing length check in JS_ReadString for a string, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.

5.6CVSS7.1AI score0.00019EPSS

CVE•added 2023/05/12 2:15 p.m.•37 views

CVE-2023-31922

QuickJS commit 2788d71 was discovered to contain a stack-overflow via the component js_proxy_isArray at quickjs.c.

7.5CVSS7.5AI score0.00078EPSS

CVE•added 2021/07/13 3:15 p.m.•28 views

CVE-2020-22876

Buffer Overflow vulnerability in quickjs.c in QuickJS, allows remote attackers to cause denial of service. This issue is resolved in the 2020-07-05 release.

7.5CVSS7.3AI score0.00694EPSS