Vulnerability in Facebook Hermes
CVE-2023-23556
An error in BigInt conversion to Number in Hermes prior to commit a6dcafe6ded8e61658b40f5699878cd19a481f80 could have been used by a malicious attacker to execute arbitrary code due to an out-of-bound write. Note that this bug is only expl…
EPSS: 0.016 (81.9th percentile) — read the EPSS interpretation.
Affected products
- Facebook Hermes — versions 0
References
- www.facebook.com/security/advisories/cve-2023-23556 (x_refsource_CONFIRM)
- github.com/facebook/hermes/commit/a6dcafe6ded8e61658b40f5699878cd19a481f80 (x_refsource_MISC)