CVE-2023-48183

April 23, 2024, 12:52 p.m.

None
No Score

Description

QuickJS before c4cdd61 has a build_for_in_iterator NULL pointer dereference because of an erroneous lexical scope of "this" with eval.

Product(s) Impacted

Product Versions
QuickJS
  • before c4cdd61

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://github.com/bellard/quickjs/commit/c4cdd61a3ed284cd760faf6b00bbf0cb908da077
https://github.com/bellard/quickjs/issues/192

Tags

Date

  • Published: April 23, 2024, 7:15 a.m.
  • Last Modified: April 23, 2024, 12:52 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.