12 matches found
EUVD-2023-31806
Malicious code in bioql PyPI...
CVE-2023-28081
A bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could be used to cause an use-after-free and obtain arbitrary code execution via a carefully crafted payload. Note that this is only exploitable in cases where Hermes is used to execute untrusted...
Use-After-Free
hermes-engine is vulnerable to Use-After-Free. When Hermes allows execution of untrusted JavaScript, an attacker is able to execute arbitrary code on the target system via a carefully crafted malicious payload, which is made possible due to a bytecode optimization bug, that results in...
CVE-2023-28081
A bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could be used to cause an use-after-free and obtain arbitrary code execution via a carefully crafted payload. Note that this is only exploitable in cases where Hermes is used to execute untrusted...
CVE-2023-28081
A bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could be used to cause an use-after-free and obtain arbitrary code execution via a carefully crafted payload. Note that this is only exploitable in cases where Hermes is used to execute untrusted...
CVE-2023-28081
A bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could be used to cause an use-after-free and obtain arbitrary code execution via a carefully crafted payload. Note that this is only exploitable in cases where Hermes is used to execute untrusted...
Design/Logic Flaw
A bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could be used to cause an use-after-free and obtain arbitrary code execution via a carefully crafted payload. Note that this is only exploitable in cases where Hermes is used to execute untrusted...
CVE-2023-28081
CVE-2023-28081 involves a bytecode optimization bug in the Hermes JavaScript engine (used by React Native). The flaw, present in Hermes builds prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81, can cause a use-after-free and enable arbitrary code execution via a carefully crafted payload. ...
CVE-2023-28081
A bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could be used to cause an use-after-free and obtain arbitrary code execution via a carefully crafted payload. Note that this is only exploitable in cases where Hermes is used to execute untrusted...
CVE-2023-28081
A bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could be used to cause an use-after-free and obtain arbitrary code execution via a carefully crafted payload. Note that this is only exploitable in cases where Hermes is used to execute untrusted...
PT-2023-21541 · Hermes · Hermes
Name of the Vulnerable Software and Affected Versions: Hermes versions prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 Description: A bytecode optimization bug could be used to cause a use-after-free and obtain arbitrary code execution via a carefully crafted payload. This is only...
Facebook Hermes 资源管理错误漏洞
Facebook Hermes is a JavaScript engine from Facebook Inc. in the United States. The engine is targeted at React Native applications to improve the performance of mobile client application apps, but not for server-side infrastructures such as browsers & Node.js. A security vulnerability exists in...