CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30470
https://notcve.org/view.php?id=CVE-2023-30470
A use-after-free related to unsound inference in the bytecode generation when optimizations are enabled for Hermes prior to commit da8990f737ebb9d9810633502f65ed462b819c09 could have been used by an attacker to achieve remote code execution. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. • https://github.com/facebook/hermes/commit/da8990f737ebb9d9810633502f65ed462b819c09 https://www.facebook.com/security/advisories/cve-2023-30470 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28753
https://notcve.org/view.php?id=CVE-2023-28753
netconsd prior to v0.2 was vulnerable to an integer overflow in its parse_packet function. A malicious individual could leverage this overflow to create heap memory corruption with attacker controlled data. • https://github.com/facebook/netconsd/commit/9fc54edf54f7caea1189c2b979337ed37af2c60e https://www.facebook.com/security/advisories/cve-2023-28753 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28081
https://notcve.org/view.php?id=CVE-2023-28081
A bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could be used to cause an use-after-free and obtain arbitrary code execution via a carefully crafted payload. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. • https://github.com/facebook/hermes/commit/e6ed9c1a4b02dc219de1648f44cd808a56171b81 https://www.facebook.com/security/advisories/cve-2023-28081 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25933
https://notcve.org/view.php?id=CVE-2023-25933
A type confusion bug in TypedArray prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could have been used by a malicious attacker to execute arbitrary code via untrusted JavaScript. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. • https://github.com/facebook/hermes/commit/e6ed9c1a4b02dc219de1648f44cd808a56171b81 https://www.facebook.com/security/advisories/cve-2023-25933 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24833
https://notcve.org/view.php?id=CVE-2023-24833
A use-after-free in BigIntPrimitive addition in Hermes prior to commit a6dcafe6ded8e61658b40f5699878cd19a481f80 could have been used by an attacker to leak raw data from Hermes VM’s heap. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. • https://github.com/facebook/hermes/commit/a6dcafe6ded8e61658b40f5699878cd19a481f80 https://www.facebook.com/security/advisories/cve-2023-24833 • CWE-416: Use After Free •