CVE-2025-62490 HIGH

CVE-2025-62490: Use-after-free in js_print_object in QuickJS

Vendor Quickjs
Product QuickJS
Weakness CWE-416
Published October 16, 2025
Last update October 16, 2025

CVSS base score

8.8/10
Attack vector Adjacent
Attack complexity High
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L

What the vulnerability does

01Description

In quickjs, in js_print_object, when printing an array, the function first fetches the array length and then loops over it. The issue is, printing a value is not side-effect free. An attacker-defined callback could run during js_print_value, during which the array could get resized and len1 become out of bounds. This results in a use-after-free.A second instance occurs in the same function during printing of a map or set objects. The code iterates over ms->records list, but once again, elements could be removed from the list during js_print_value call.

Key dates

02Disclosure timeline

October 16, 2025 CVE published
October 16, 2025 Record updated