Security context

What an agent needs to avoid regressing past fixes and find the next vuln in this repo.

boa-dev/boa
main @ b562725
8
Fixes
0
CVEs
HIGH
Peak severity
Highlights
Auth Bypass: 2 prior fixes. Scrutinize any change in this area.
.github/workflows: most-fixed (1 issue). Treat as high-risk during review.
4 high-severity fixes in this history; regressions here are high-impact.
Recurring patterns

The bug types that recur here, drawn from past fixes, not open vulnerabilities.

Use After Free: A critical logical flaw in the custom garbage collector permitted non-root reference counts to exceed physical reference counts, triggering premature collection of live heap objects. This is a severe threat to memory safety that could lead to arbitrary code execution within the engine.
Memory Corruption: Precision loss during u64 to f64 casting during index validation bypassed the bounds check in %TypedArray%.prototype.with(), permitting out-of-bounds heap operations.
Integer Overflow: Truncation of 64-bit size values when converting to platform-specific usize during ArrayBuffer allocation could cause undersized memory allocations, leading to heap out-of-bounds corruption.