Lucene search
Veracode Vulnerability DatabaseVERACODE:37543HistoryOct 13, 2022 - 9:03 a.m.
Denial Of Service (DoS)
2022-10-1309:03:45
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
hermes-engine
dos
vulnerability
parsearrowfunctionexpression
javascript
application crash
EPSS
0.001
Percentile
38.4%
Hermes-engine is vulnerable to Denial of Service. The vulnerability exists due to the function parseArrowFunctionExpression in JSParserImpl.cpp, where an infinite recursion condition in the error handler allows an attacker to execute maliciously formed JavaScript causing an application crash.
Related
osv
osv
CVE-2022-27810
2022-10-06 20:15:17
cvelist
cvelist
CVE-2022-27810
2022-10-06 00:00:00
prion
prion
Design/Logic Flaw
2022-10-06 20:15:00
cve
cve
CVE-2022-27810
2022-10-06 20:15:17
nvd
nvd
CVE-2022-27810
2022-10-06 20:15:17