PT-2026-24918 · Git+2 · Quickjs
Im-Razvan
·
Publicado
2026-03-12
·
Atualizado
2026-03-12
·
CVE-2026-3979
CVSS v3.1
5.3
Média
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
quickjs-ng quickjs versions through 0.12.1
Description
An issue exists in quickjs-ng quickjs up to version 0.12.1, specifically within the
js iterator concat return function located in the quickjs.c file. This manipulation leads to a use-after-free condition. Exploitation requires local access. The exploit has been published and is potentially available for use. The vulnerable function is js iterator concat return.Recommendations
quickjs-ng quickjs versions through 0.12.1: Apply the patch daab4ad4bae4ef071ed0294618d6244e92def4cd to resolve this issue.
Exploit
Correção
Buffer Overflow
Use After Free
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Quickjs