PT-2025-45149 · Quickjs+1 · Quickjs+1

Im-Razvan

Publicado

2025-11-05

Atualizado

2026-01-08

CVE-2025-12745

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions QuickJS versions prior to eb2c89087def1829ed99630cb14b549d7a98408c

Description A flaw exists in QuickJS that allows for a buffer over-read. This issue is related to the js array buffer slice function within the quickjs.c file. Exploitation is limited to local execution. The exploit code has been publicly released.

Recommendations Deploy patch c6fe5a98fd3ef3b7064e6e0145dfebfe12449fea.

Exploit

Correção

Buffer Overflow

Buffer Over-read

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119CWE-126CWE-125

Identificadores relacionados

CVE-2025-12745

Produtos afetados

Debian

Quickjs

PT-2025-45149 · Quickjs+1 · Quickjs+1

CVE-2025-12745

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 16