What is CVE-2020-1913?

CVE-2020-1913 is a vulnerability in Facebook Hermes, classified under CWE-195. Published 2020-09-09.

Is CVE-2020-1913 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Facebook Hermes

CVE-2020-1913

An Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6 allows attackers to cause a denial of service attack or a potential RCE via crafted JavaScript. Note that…

EPSS: 0.002 (42.0th percentile) — read the EPSS interpretation.

Affected products

Facebook Hermes — versions commit prior to 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6

Weakness classification (CWE)

CWE-195

Public proof-of-concept exploits

404notf0und/CVE-Flow

References

www.facebook.com/security/advisories/cve-2020-1913 (x_refsource_CONFIRM)
github.com/facebook/hermes/commit/2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2020-1913?: CVE-2020-1913 is a vulnerability in Facebook Hermes, classified under CWE-195. Published 2020-09-09.
Is CVE-2020-1913 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.