Vulnerabilities in QuickJS Project

2 results

CVE-2025-46688MEDIUMquickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadBigInt for a BigInt, leading to a heap-based buffer overflow. QuickJS bEPSS 0.3%CVE-2025-46687MEDIUMquickjs-ng through 0.9.0 has a missing length check in JS_ReadString for a string, leading to a heap-based buffer overflow. QuickJS before 2EPSS 0.2%