Every CVE whose affected-product data names Facebook Hermes, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (20)
CVE-2023-30470 — CVSS 9.8 (critical): A use-after-free related to unsound inference in the bytecode generation when optimizations are enabled for Hermes prior to commit…
CVE-2020-1911 — CVSS 9.8 (critical): A type confusion vulnerability when resolving properties of JavaScript objects with specially-crafted prototype chains in Facebook Hermes…
CVE-2022-40138 — CVSS 9.8 (critical): An integer conversion error in Hermes bytecode generation, prior to commit 6aa825e480d48127b480b08d13adf70033237097, could have been used…
CVE-2023-23556 — CVSS 9.8 (critical): An error in BigInt conversion to Number in Hermes prior to commit a6dcafe6ded8e61658b40f5699878cd19a481f80 could have been used by a…
CVE-2023-23557 — CVSS 9.8 (critical): An error in Hermes' algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a…
CVE-2023-25933 — CVSS 9.8 (critical): A type confusion bug in TypedArray prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could have been used by a malicious attacker to…
CVE-2023-28081 — CVSS 9.8 (critical): A bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could be used to cause an use-after-free and…
CVE-2020-1896 — CVSS 9.8 (critical): A stack overflow vulnerability in Facebook Hermes 'builtin apply' prior to commit 86543ac47e59c522976b5632b8bf9a2a4583c7d2…
CVE-2020-1914 — CVSS 9.8 (critical): A logic vulnerability when handling the SaveGeneratorLong instruction in Facebook Hermes prior to commit b2021df620824627f5a8c96615edbd1eb7f…
CVE-2021-24037 — CVSS 9.8 (critical): A use after free in hermes, while emitting certain error messages, prior to commit d86e185e485b6330216dee8e854455c694e3a36e allows…
CVE-2021-24044 — CVSS 9.8 (critical): By passing invalid javascript code where await and yield were called upon non-async and non-generator getter/setter functions, Hermes would…
CVE-2021-24045 — CVSS 9.8 (critical): A type confusion vulnerability could be triggered when resolving the "typeof" unary operator in Facebook Hermes prior to v0.10.0. Note that…
CVE-2022-32234 — CVSS 9.8 (critical): An out of bounds write in hermes, while handling large arrays, prior to commit 06eaec767e376bfdb883d912cb15e987ddf2bda1 allows attackers to…
CVE-2022-35289 — CVSS 9.8 (critical): A write-what-where condition in hermes caused by an integer overflow, prior to commit 5b6255ae049fa4641791e47fad994e8e8c4da374 allows…
CVE-2020-1912 — CVSS 8.1 (high): An out-of-bounds read/write vulnerability when executing lazily compiled inner generator functions in Facebook Hermes prior to commit…
CVE-2020-1913 — CVSS 8.1 (high): An Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6…
CVE-2023-24832 — CVSS 7.5 (high): A null pointer dereference bug in Hermes prior to commit 5cae9f72975cf0e5a62b27fdd8b01f103e198708 could have been used by an attacker to…
CVE-2020-1915 — CVSS 7.5 (high): An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0 allows…
CVE-2022-27810 — CVSS 7.5 (high): It was possible to trigger an infinite recursion condition in the error handler when Hermes executed specific maliciously formed…
CVE-2023-24833 — CVSS 7.5 (high): A use-after-free in BigIntPrimitive addition in Hermes prior to commit a6dcafe6ded8e61658b40f5699878cd19a481f80 could have been used by an…