Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
quickjs-ng quickjs quickjs.c js_typed_array_constructor heap-based overflow
Vulnerability Description
A vulnerability was determined in quickjs-ng quickjs up to 0.11.0. This vulnerability affects the function js_typed_array_constructor of the file quickjs.c. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. This patch is called c5d80831e51e48a83eab16ea867be87f091783c5. A patch should be applied to remediate this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
QuickJS 安全漏洞
Vulnerability Description
QuickJS是QuickJS开源的一个小型且可嵌入的 Javascript 引擎。 QuickJS 0.11.0及之前版本存在安全漏洞,该漏洞源于文件quickjs.c中函数js_typed_array_constructor存在堆缓冲区溢出,可能导致执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A