PT-2024-13554 · Quickjs+2 · Quickjs+2
Anbu1024
·
Published
2024-04-23
·
Updated
2025-10-15
·
CVE-2023-48184
CVSS v3.1
3.9
Low
| Vector | AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
QuickJS versions prior to 7414e5f
Description
The issue arises from incorrect garbage collection of async functions with closures, leading to a use-after-free in
JS FreeValueRT in quickjs.h.Recommendations
For versions prior to 7414e5f, update to version 7414e5f or later to resolve the issue.
Exploit
Fix
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Linuxmint
Quickjs
Ubuntu