Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0 allows attackers to cause a denial of service attack or possible further memory corruption via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected.
CVSS Information
N/A
Vulnerability Type
跨界内存读
Vulnerability Title
Facebook Hermes 缓冲区错误漏洞
Vulnerability Description
Facebook Hermes是美国Facebook公司的一个JavaScript引擎。该引擎针对React Native应用,去提高移动客户端应用App的性能,但是对浏览器 & Node.js 等服务端基础架构并不适用。 Facebook Hermes JavaScript Interpreter 存在缓冲区错误漏洞,该漏洞使攻击者就可以通过精心制作的JavaScript导致拒绝服务攻击或进一步的内存损坏。
CVSS Information
N/A
Vulnerability Type
N/A