Lucene search
Veracode Vulnerability DatabaseVERACODE:40747HistoryMay 31, 2023 - 9:10 a.m.
Type Confusion
2023-05-3109:10:32
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
hermes-engine
type confusion
javascript
injection
malicious code
object properties
hermes-engine is vulnerable to Type Confusion. When Hermes allows execution of untrusted JavaScript, an attacker is able to inject and execute malicious code on the system due to a type confusion bug which occurs as a result of copying objects properties.
| CPE | Name | Operator | Version |
|---|---|---|---|
| hermes-engine | le | 0.11.0 | |
| hermes-engine | le | 0.11.0 | |
| hermes-engine | le | 0.11.0 | |
| hermes-engine | le | 0.11.0 |
Related
nvd
nvd
CVE-2023-23557
2023-05-18 22:15:09
prion
prion
Type confusion
2023-05-18 22:15:00
alpinelinux
alpinelinux
CVE-2023-23557
2023-05-18 22:15:09
cve
cve
CVE-2023-23557
2023-05-18 22:15:09
osv
osv
CVE-2023-23557
2023-05-18 22:15:09
cvelist
cvelist
CVE-2023-23557
2023-05-18 21:19:41