Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistFacebookCVELIST:CVE-2022-32234
HistoryOct 11, 2022 - 12:00 a.m.

CVE-2022-32234

2022-10-1100:00:00
CWE-787
facebook
www.cve.org
5
out of bounds write
hermes
arbitrary code
crafted javascript
react native applications
cve-2022-32234

AI Score

10

Confidence

High

EPSS

0.003

Percentile

69.9%

JSON

An out of bounds write in hermes, while handling large arrays, prior to commit 06eaec767e376bfdb883d912cb15e987ddf2bda1 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected.

CNA Affected

[
  {
    "vendor": "Facebook",
    "product": "Hermes",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "prior to commit 06eaec767e376bfdb883d912cb15e987ddf2bda1",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

Related

cve 1
prion 1
veracode 1
osv 1
nvd 1
cve
cve
CVE-2022-32234
2022-10-11 01:15:08
prion
prion
Design/Logic Flaw
2022-10-11 01:15:00
veracode
veracode
Arbitrary Code Execution
2022-10-11 09:46:57
osv
osv
CVE-2022-32234
2022-10-11 01:15:08
nvd
nvd
CVE-2022-32234
2022-10-11 01:15:08

AI Score

10

Confidence

High

EPSS

0.003

Percentile

69.9%

JSON
Related for CVELIST:CVE-2022-32234
cve1prion1veracode1osv1nvd1