Vulnerability in Facebook Hermes
CVE-2023-25933
A type confusion bug in TypedArray prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could have been used by a malicious attacker to execute arbitrary code via untrusted JavaScript. Note that this is only exploitable in cases where…
EPSS: 0.012 (79.4th percentile) — read the EPSS interpretation.
Affected products
- Facebook Hermes — versions 0
References
- www.facebook.com/security/advisories/cve-2023-25933 (x_refsource_CONFIRM)
- github.com/facebook/hermes/commit/e6ed9c1a4b02dc219de1648f44cd808a56171b81 (x_refsource_MISC)