Vulnerability in Facebook Hermes
CVE-2023-30470
A use-after-free related to unsound inference in the bytecode generation when optimizations are enabled for Hermes prior to commit da8990f737ebb9d9810633502f65ed462b819c09 could have been used by an attacker to achieve remote code executio…
EPSS: 0.038 (88.3th percentile) — read the EPSS interpretation.
Affected products
- Facebook Hermes — versions 0
References
- www.facebook.com/security/advisories/cve-2023-30470 (x_refsource_CONFIRM)
- github.com/facebook/hermes/commit/da8990f737ebb9d9810633502f65ed462b819c09 (x_refsource_MISC)