CVE-2024-33263

Publication date 14 May 2024

Last updated 15 April 2025

Ubuntu priority

QuickJS commit 3b45d15 was discovered to contain an Assertion Failure via JS_FreeRuntime(JSRuntime *) at quickjs.c.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
quickjs	25.04 plucky	Not affected
	24.10 oracular	Not affected
	24.04 LTS noble	Fixed 2021.03.27-1ubuntu0.1~esm1 Ubuntu Pro
	23.10 mantic	Ignored end of life, was needs-triage
	22.04 LTS jammy	Not in release
	20.04 LTS focal	Not in release

How can I get the fixes?
What do statuses mean?

Get expanded security coverage with Ubuntu Pro

Reduce your average CVE exposure time from 98 days to 1 day with expanded CVE patching, ten-years security maintenance and optional support for the full stack of open-source applications. Free for personal use.

Get Ubuntu Pro

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-7439-1
QuickJS vulnerabilities
15 April 2025

Other references

https://www.cve.org/CVERecord?id=CVE-2024-33263
https://github.com/bellard/quickjs/issues/277
https://github.com/quickjs-ng/quickjs/pull/474