Quickjs Project: >> Quickjs Security Vulnerabilities
QuickJS before c4cdd61 has a build_for_in_iterator NULL pointer dereference because of an erroneous lexical scope of "this" with eval.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-04-23
QuickJS before 7414e5f has a quickjs.h JS_FreeValueRT use-after-free because of incorrect garbage collection of async functions with closures.
CVSS Score
3.9
EPSS Score
0.0
Published
2024-04-23
QuickJS commit 2788d71 was discovered to contain a stack-overflow via the component js_proxy_isArray at quickjs.c.
CVSS Score
7.5
EPSS Score
0.003
Published
2023-05-12
Buffer Overflow vulnerability in quickjs.c in QuickJS, allows remote attackers to cause denial of service. This issue is resolved in the 2020-07-05 release.
CVSS Score
7.5
EPSS Score
0.008
Published
2021-07-13
Page 2