Lucene search
Veracode Vulnerability DatabaseVERACODE:37494HistoryOct 11, 2022 - 9:46 a.m.
Arbitrary Code Execution
2022-10-1109:46:57
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
hermes-engine
vulnerability
arbitrary code execution
smallvectorbase::grow_pod function
software
javascript
EPSS
0.003
Percentile
69.9%
hermes-engine is vulnerable to arbitrary code execution. The vulnerability is due to the SmallVectorBase::grow_pod functions handling of large arrays which allows an attacker to potentially execute arbitrary code via malicious JavaScript.
Related
cve
cve
CVE-2022-32234
2022-10-11 01:15:08
prion
prion
Design/Logic Flaw
2022-10-11 01:15:00
cvelist
cvelist
CVE-2022-32234
2022-10-11 00:00:00
osv
osv
CVE-2022-32234
2022-10-11 01:15:08
nvd
nvd
CVE-2022-32234
2022-10-11 01:15:08