Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistFacebookCVELIST:CVE-2020-1912
HistorySep 09, 2020 - 6:50 p.m.

CVE-2020-1912

2020-09-0918:50:17
CWE-787
facebook
www.cve.org
3
vulnerability
facebook hermes
arbitrary code
crafted javascript
react native applications

EPSS

0.006

Percentile

78.3%

JSON

An out-of-bounds read/write vulnerability when executing lazily compiled inner generator functions in Facebook Hermes prior to commit 091835377369c8fd5917d9b87acffa721ad2a168 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected.

CNA Affected

[
  {
    "product": "Hermes",
    "vendor": "Facebook",
    "versions": [
      {
        "status": "affected",
        "version": "commit prior to 091835377369c8fd5917d9b87acffa721ad2a168"
      }
    ]
  }
]

Related

prion 1
cve 1
github 1
osv 2
nvd 1
prion
prion
Design/Logic Flaw
2020-09-09 19:15:00
cve
cve
CVE-2020-1912
2020-09-09 19:15:20
github
github
Out-of-bounds Read and Out-of-bounds Write in Facebook Hermes
2022-05-24 17:27:38
osv
osv
CVE-2020-1912
2020-09-09 19:15:20
Out-of-bounds Read and Out-of-bounds Write in Facebook Hermes
2022-05-24 17:27:38
nvd
nvd
CVE-2020-1912
2020-09-09 19:15:20

EPSS

0.006

Percentile

78.3%

JSON
Related for CVELIST:CVE-2020-1912
prion1cve1github1osv2nvd1