Lucene search
+L

5 matches found

ATTACKERKB
ATTACKERKB
added 2023/05/18 10:15 p.m.1 views

CVE-2023-23557

An error in Hermes' algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a malicious attacker to execute arbitrary code via type confusion. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScrip...

9.8CVSS6.3AI score0.00891EPSS
Exploits0References3
NVD
NVD
added 2023/05/18 10:15 p.m.50 views

CVE-2023-23557

An error in Hermes' algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a malicious attacker to execute arbitrary code via type confusion. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScrip...

9.8CVSS9.7AI score0.00891EPSS
Exploits0References2
CVE
CVE
added 2023/05/18 9:19 p.m.53 views

CVE-2023-23557

CVE-2023-23557 affects Facebook Hermes (JavaScript engine used in React Native). The root cause is a type-confusion bug caused by copying object properties prior to commit, enabling an attacker to execute arbitrary code when Hermes runs untrusted JavaScript. The vulnerability is described across ...

9.8CVSS9.6AI score0.00891EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/18 9:19 p.m.12 views

CVE-2023-23557

An error in Hermes' algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a malicious attacker to execute arbitrary code via type confusion. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScrip...

8AI score0.00891EPSS
Exploits0References2
OSV
OSV
added 2023/05/18 9:19 p.m.35 views

CVE-2023-23557

An error in Hermes' algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a malicious attacker to execute arbitrary code via type confusion. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScrip...

9.8CVSS8AI score0.00891EPSS
Exploits0References4
Rows per page
Query Builder