VYPR

Quickjs

by Quickjs Ng

Source repositories

CVEs (19)

  • CVE-2026-37630HigMay 11, 2026
    risk 0.47cvss 7.3epss 0.00

    An issue in QuickJS-NG v.0.12.1 allows an attacker to execute arbitrary code via the js_mapped_arguments_mark function

  • CVE-2026-0821HigJan 10, 2026
    risk 0.40cvss 7.3epss 0.00

    A vulnerability was determined in quickjs-ng quickjs up to 0.11.0. This vulnerability affects the function js_typed_array_constructor of the file quickjs.c. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched remotely. The exploit has been…

  • CVE-2026-3979MedMar 12, 2026
    risk 0.34cvss 5.3epss 0.00

    A flaw has been found in quickjs-ng quickjs up to 0.12.1. This affects the function js_iterator_concat_return of the file quickjs.c. This manipulation causes use after free. The attack requires local access. The exploit has been published and may be used. Patch name:…

  • CVE-2026-1145MedJan 19, 2026
    risk 0.34cvss 6.3epss 0.00

    A flaw has been found in quickjs-ng quickjs up to 0.11.0. Affected by this vulnerability is the function js_typed_array_constructor_ta of the file quickjs.c. This manipulation causes heap-based buffer overflow. The attack is possible to be carried out remotely. The exploit has…

  • CVE-2026-1144MedJan 19, 2026
    risk 0.34cvss 6.3epss 0.00

    A vulnerability was detected in quickjs-ng quickjs up to 0.11.0. Affected is an unknown function of the file quickjs.c of the component Atomics Ops Handler. The manipulation results in use after free. The attack can be executed remotely. The exploit is now public and may be…

  • CVE-2026-0822MedJan 10, 2026
    risk 0.34cvss 6.3epss 0.00

    A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function js_typed_array_sort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available…

  • CVE-2025-62496Oct 16, 2025
    risk 0.00cvss epss 0.00

    A vulnerability exists in the QuickJS engine's BigInt string parsing logic (js_bigint_from_string) when attempting to create a BigInt from a string with an excessively large number of digits. The function calculates the necessary number of bits (n_bits) required to store the…

  • CVE-2025-62495Oct 16, 2025
    risk 0.00cvss epss 0.00

    An integer overflow vulnerability exists in the QuickJS regular expression engine (libregexp) due to an inconsistent representation of the bytecode buffer size. * The regular expression bytecode is stored in a DynBuf structure, which correctly uses a $\text{size}\_\text{t}$…

  • CVE-2025-62494Oct 16, 2025
    risk 0.00cvss epss 0.00

    A type confusion vulnerability exists in the handling of the string addition (+) operation within the QuickJS engine. * The code first checks if the left-hand operand is a string. * It then attempts to convert the right-hand operand to a primitive value using…

  • CVE-2025-62493Oct 16, 2025
    risk 0.00cvss epss 0.00

    A vulnerability exists in the QuickJS engine's BigInt string conversion logic (js_bigint_to_string1) due to an incorrect calculation of the required number of digits, which in turn leads to reading memory past the allocated BigInt structure. * The function determines the…

  • CVE-2025-62492Oct 16, 2025
    risk 0.00cvss epss 0.00

    A vulnerability stemming from floating-point arithmetic precision errors exists in the QuickJS engine's implementation of TypedArray.prototype.indexOf() when a negative fromIndex argument is supplied. * The fromIndex argument (read as a double variable, $d$) is used to…

  • CVE-2025-62491Oct 16, 2025
    risk 0.00cvss epss 0.00

    A Use-After-Free (UAF) vulnerability exists in the QuickJS engine's standard library when iterating over the global list of unhandled rejected promises (ts->rejected_promise_list). * The function js_std_promise_rejection_check attempts to iterate over the…

  • CVE-2025-62490Oct 16, 2025
    risk 0.00cvss epss 0.00

    In quickjs, in js_print_object, when printing an array, the function first fetches the array length and then loops over it. The issue is, printing a value is not side-effect free. An attacker-defined callback could run during js_print_value, during which the array could get…

  • CVE-2025-46687Apr 27, 2025
    risk 0.00cvss epss 0.00

    quickjs-ng through 0.9.0 has a missing length check in JS_ReadString for a string, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.

  • CVE-2025-46688Apr 27, 2025
    risk 0.00cvss epss 0.00

    quickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadBigInt for a BigInt, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.

  • CVE-2024-13903Mar 21, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in quickjs-ng QuickJS up to 0.8.0. It has been declared as problematic. Affected by this vulnerability is the function JS_GetRuntime of the file quickjs.c of the component qjs. The manipulation leads to stack-based buffer overflow. The attack can be…

  • CVE-2024-33263Apr 26, 2024
    risk 0.00cvss epss 0.00

    QuickJS commit 3b45d15 was discovered to contain an Assertion Failure via JS_FreeRuntime(JSRuntime *) at quickjs.c.

  • CVE-2023-48184Apr 23, 2024
    risk 0.00cvss epss 0.00

    QuickJS before 7414e5f has a quickjs.h JS_FreeValueRT use-after-free because of incorrect garbage collection of async functions with closures.

  • CVE-2023-48183Apr 23, 2024
    risk 0.00cvss epss 0.01

    QuickJS before c4cdd61 has a build_for_in_iterator NULL pointer dereference because of an erroneous lexical scope of "this" with eval.