Vulnerability in Facebook Hermes
CVE-2023-23557
An error in Hermes' algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a malicious attacker to execute arbitrary code via type confusion. Note that this is only exploitable in…
EPSS: 0.008 (73.6th percentile) — read the EPSS interpretation.
Affected products
- Facebook Hermes — versions 0
References
- www.facebook.com/security/advisories/cve-2023-23557 (x_refsource_CONFIRM)
- github.com/facebook/hermes/commit/a00d237346894c6067a594983be6634f4168c9ad (x_refsource_MISC)