hermes-engine is vulnerable to Type Confusion. A remote attacker is able to inject malicious content due to insufficient checks in TypeInference.cpp
, which results in type confusion, leading arbitrary code execution via untrusted JavaScript.
CPE | Name | Operator | Version |
---|---|---|---|
hermes-engine | le | 0.11.0 | |
hermes-engine | le | 0.11.0 |