CNNVD-202601-3007 Information

CNNVD ID

CNNVD-202601-3007

Related CVE

CVE-2026-1144

• CNNVD Published: 2026-01-19

Description (Chinese)

QuickJS是QuickJS开源的一个小型且可嵌入的 Javascript 引擎。 QuickJS 0.11.0及之前版本存在资源管理错误漏洞，该漏洞源于对文件quickjs.c的错误操作，可能导致释放后重用。

Description (English)

QuickJS is a small, embedded Javascript engine for QuickJS open source. QuickJS 0.11.0 and previous versions had a resource management error gap, which stemmed from an error in the quickjs.c of the document and could lead to reuse after release.

Hazard Level

High

Vulnerability Type

资源管理错误

Affected Vendor

QuickJS

Published

2026-01-19

Last Modified

2026-02-24

References

https://github.com/quickjs-ng/quickjs/commit/ea3e9d77454e8fc9cb3ef3c504e9c16af5a80141 https://github.com/quickjs-ng/quickjs/issues/1301 https://github.com/quickjs-ng/quickjs/issues/1302 https://github.com/quickjs-ng/quickjs/pull/1303 https://vuldb.com/?ctiid.341737 https://vuldb.com/?id.341737 https://vuldb.com/?submit.735537 https://vuldb.com/?submit.735538 https://access.redhat.com/security/cve/cve-2026-1144