quickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadBigInt for a BigInt, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.
References
Link | Resource |
---|---|
https://bellard.org/quickjs/Changelog | Product |
https://github.com/bellard/quickjs/commit/1eb05e44fad89daafa8ee3eb74b8520b4a37ec9a | Patch |
https://github.com/bellard/quickjs/issues/399 | Exploit Third Party Advisory |
https://github.com/quickjs-ng/quickjs/commit/28fa43d3ddff2c1ba91b6e3a788b2d7ba82d1465 | Patch |
https://github.com/quickjs-ng/quickjs/issues/1018 | Third Party Advisory |
https://github.com/quickjs-ng/quickjs/pull/1020 | Patch |
https://github.com/quickjs-ng/quickjs/issues/1018 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
30 May 2025, 16:29
Type | Values Removed | Values Added |
---|---|---|
References | () https://bellard.org/quickjs/Changelog - Product | |
References | () https://github.com/bellard/quickjs/commit/1eb05e44fad89daafa8ee3eb74b8520b4a37ec9a - Patch | |
References | () https://github.com/bellard/quickjs/issues/399 - Exploit, Third Party Advisory | |
References | () https://github.com/quickjs-ng/quickjs/commit/28fa43d3ddff2c1ba91b6e3a788b2d7ba82d1465 - Patch | |
References | () https://github.com/quickjs-ng/quickjs/issues/1018 - Third Party Advisory | |
References | () https://github.com/quickjs-ng/quickjs/pull/1020 - Patch | |
First Time |
Quickjs Project quickjs
Quickjs Project Quickjs-ng Quickjs-ng quickjs |
|
CPE | cpe:2.3:a:quickjs-ng:quickjs:*:*:*:*:*:*:*:* cpe:2.3:a:quickjs_project:quickjs:*:*:*:*:*:*:*:* |
28 Apr 2025, 17:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
References | () https://github.com/quickjs-ng/quickjs/issues/1018 - |
27 Apr 2025, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-04-27 20:15
Updated : 2025-05-30 16:29
NVD link : CVE-2025-46688
Mitre link : CVE-2025-46688
CVE.ORG link : CVE-2025-46688
JSON object : View
Products Affected
quickjs-ng
- quickjs
quickjs_project
- quickjs
CWE
CWE-131
Incorrect Calculation of Buffer Size