
12 matches found

Veracode
added 2023/05/31 9:39 a.m. | 17 views

Use-After-Free

hermes-engine is vulnerable to Use-After-Free. When Hermes allows execution of untrusted JavaScript, an attacker is able to cause remote code execution due to a use-after-free bug, which is possible as a result of unsound inference in the bytecode generation when optimizations are enabled...

CVSS 9.8 | AI score 8 | EPSS 0.03767
Exploits 0 | References 2 | Affected Software 1

Veracode
added 2023/05/31 9:10 a.m. | 24 views

Type Confusion

hermes-engine is vulnerable to Type Confusion. When Hermes allows execution of untrusted JavaScript, an attacker is able to inject and execute malicious code on the system due to a type confusion bug which occurs as a result of copying object properties...

CVSS 9.8 | AI score 7.5 | EPSS 0.00755
Exploits 0 | References 2 | Affected Software 1

Veracode
added 2023/05/31 6:30 a.m. | 17 views

Use-After-Free

hermes-engine is vulnerable to Use-After-Free. When Hermes allows execution of untrusted JavaScript, an attacker is able to leak raw data from Hermes VM’s heap due to a use-after-free in BigIntPrimitive addition...

CVSS 7.5 | AI score 6.9 | EPSS 0.00378
Exploits 0 | References 3 | Affected Software 1

Veracode
added 2023/05/24 8:33 a.m. | 21 views

Denial Of Service (DoS)

hermes-engine is vulnerable to Denial of Service (DoS) attacks. A malicious user is able to cause a null pointer dereference when the EnableHermesInternal config option is set to true, causing the application to crash...

CVSS 7.5 | AI score 6.9 | EPSS 0.0047
Exploits 0 | References 3 | Affected Software 1

Veracode
added 2023/05/24 6:59 a.m. | 23 views

Type Confusion

hermes-engine is vulnerable to Type Confusion. A remote attacker is able to inject malicious content due to insufficient checks in TypeInference.cpp, which results in type confusion, leading to arbitrary code execution via untrusted JavaScript...

CVSS 9.8 | AI score 7.9 | EPSS 0.01219
Exploits 0 | References 3 | Affected Software 1

Veracode
added 2023/05/21 5:18 a.m. | 15 views

Arbitrary Code Execution

hermes-engine is vulnerable to Arbitrary Code Execution. A remote attacker is able to inject and execute malicious code on the server when the library permits the execution of untrusted JavaScript via an out-of-bound write...

CVSS 9.8 | AI score 7.6 | EPSS 0.01572
Exploits 0 | References 3 | Affected Software 1

Veracode
added 2022/10/13 9:3 a.m. | 18 views

Denial Of Service (DoS)

Hermes-engine is vulnerable to Denial of Service. The vulnerability exists due to the function parseArrowFunctionExpression in JSParserImpl.cpp, where an infinite recursion condition in the error handler allows an attacker to execute maliciously formed JavaScript causing an application crash...

CVSS 7.5 | AI score 7.5 | EPSS 0.00334
Exploits 0 | References 4 | Affected Software 1

Veracode
added 2022/10/12 3:55 a.m. | 20 views

Arbitrary Code Execution

hermes-engine is vulnerable to arbitrary code execution. The vulnerability exists due to an integer conversion error in the library, which performs out-of-bounds operations and subsequently executes arbitrary code, resulting in an application crash...

CVSS 9.8 | AI score 9.4 | EPSS 0.01219
Exploits 0 | References 4 | Affected Software 1

Veracode
added 2022/10/11 4:25 p.m. | 25 views

Arbitrary Code Execution

hermes-engine is vulnerable to arbitrary code execution. The vulnerability exists due to a write-what-where condition caused by an integer overflow in the growAndRehash function of CodeBlock.h, which allows an attacker to potentially execute arbitrary code via crafted JavaScript...

CVSS 9.8 | AI score 9.6 | EPSS 0.01572
Exploits 0 | References 4 | Affected Software 1

Veracode
added 2022/10/11 9:46 a.m. | 19 views

Arbitrary Code Execution

hermes-engine is vulnerable to arbitrary code execution. The vulnerability is due to the SmallVectorBase::growpod function's handling of large arrays, which allows an attacker to potentially execute arbitrary code via malicious JavaScript...

CVSS 9.8 | AI score 9.6 | EPSS 0.00788
Exploits 0 | References 3 | Affected Software 1

CNNVD
added 2022/01/15 12:0 a.m. | 2 views

Facebook Hermes Security Vulnerability

Facebook Hermes is a JavaScript engine from Facebook Inc. in the United States. The engine is targeted at React Native apps to improve the performance of mobile client apps, but not server-side infrastructures such as browsers & Node.js. A security vulnerability exists in Facebook Hermes, which...

CVSS 9.8 | AI score 8.4 | EPSS 0.00504
Exploits 0 | References 1

CNNVD
added 2021/06/15 12:0 a.m. | 2 views

Facebook Hermes Resource Management Error Vulnerability

Facebook Hermes is a JavaScript engine from Facebook, Inc. The engine is targeted at React Native applications to improve the performance of mobile client apps, but is not applicable to server-side infrastructures such as browsers & Node.js. An input validation error vulnerability...

CVSS 9.8 | AI score 6.2 | EPSS 0.00535
Exploits 0 | References 3