CNNVD-202510-2342 Information
Oct 16, 2025
cve
CNNVD ID
CNNVD-202510-2342
Related CVE
- CNNVD Published: 2025-10-16
Description (Chinese)
QuickJS是QuickJS开源的一个小型且可嵌入的 Javascript 引擎。 QuickJS存在安全漏洞,该漏洞源于正则表达式引擎中整数溢出导致的缓冲区大小表示不一致,可能导致越界写入。
Description (English)
QuickJS is a small, embedded Javascript engine for QuickJS open source. There is a security loophole in QuickJS, which stems from inconsistent indications of the size of the buffer zone caused by the full spill in the regular expression engine, which may lead to cross-border writing.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
QuickJS
Published
2025-10-16
Last Modified
2026-02-24
References
https://bellard.org/quickjs/Changelog https://issuetracker.google.com/434196926
Share on: