CNNVD-202510-2348 Information

CNNVD ID

CNNVD-202510-2348

Related CVE

CVE-2025-62490

• CNNVD Published: 2025-10-16

Description (Chinese)

QuickJS是QuickJS开源的一个小型且可嵌入的 Javascript 引擎。 QuickJS存在安全漏洞，该漏洞源于js_print_object函数在打印数组和集合对象时未正确处理回调期间的数组大小变化，可能导致释放后重用。

Description (English)

QuickJS is a small, embedded Javascript engine for QuickJS open source. QuickJS has a security loophole, which stems from the error of the js print object function when printing arrays and aggregate objects to correct the changes in array sizes during the echo, which may lead to reuse after release.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

QuickJS

Published

2025-10-16

Last Modified

2026-02-24

References

https://bellard.org/quickjs/Changelog https://issuetracker.google.com/434196651