hermes-engine is vulnerable to Type Confusion. When Hermes allows execution of untrusted JavaScript, an attacker is able to inject and execute malicious code on the system due to a type confusion bug which occurs as a result of copying objects properties.
CPE | Name | Operator | Version |
---|---|---|---|
hermes-engine | le | 0.11.0 | |
hermes-engine | le | 0.11.0 | |
hermes-engine | le | 0.11.0 | |
hermes-engine | le | 0.11.0 |