Page 6 of 148 results

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

15 Jun 2021 — A use after free in hermes, while emitting certain error messages, prior to commit d86e185e485b6330216dee8e854455c694e3a36e allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected. • https://github.com/facebook/hermes/commit/d86e185e485b6330216dee8e854455c694e3a36e • CWE-416: Use After Free

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

01 Jun 2021 — A regular expression denial of service (ReDoS) vulnerability in the validateBaseUrl function can cause the application to use excessive resources, become unresponsive, or crash. This was introduced in react-native version 0.59.0 and fixed in version 0.64.1. • https://github.com/facebook/react-native/commit/ca09ae82715e33c9ac77b3fa55495cf84ba891c7 • CWE-697: Incorrect Comparison • CWE-1333: Inefficient Regular Expression Complexity

CVSS: 9.8 • EPSS: 1% • CPEs: 1 • EXPL: 0

13 Apr 2021 — An invalid free in Thrift's table-based serialization can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2021.02.22.00. • https://github.com/facebook/fbthrift/commit/bfda1efa547dce11a38592820916db01b05b9339 • CWE-763: Release of Invalid Pointer or Reference

CVSS: 8.1 • EPSS: 6% • CPEs: 1 • EXPL: 2

25 Mar 2021 — The run_action function of the Facebook for WordPress plugin before 3.0.0 deserializes user-supplied data, making it possible for PHP objects to be supplied and creating an Object Injection vulnerability. There was also a usable magic method in the plugin that could be used to achieve remote code execution. • https://wpscan.com/vulnerability/509f2754-a1a1-4142-9126-ae023a88533a • CWE-502: Deserialization of Untrusted Data

CVSS: 8.8 • EPSS: 0% • CPEs: 1 • EXPL: 2

25 Mar 2021 — The wp_ajax_save_fbe_settings and wp_ajax_delete_fbe_settings AJAX actions of the Facebook for WordPress plugin before 3.0.4 were vulnerable to CSRF due to a lack of nonce protection. The settings in the saveFbeSettings function had no sanitization, allowing script tags to be saved. • https://wpscan.com/vulnerability/169d21fc-d191-46ff-82e8-9ac887aed8a4 • CWE-352: Cross-Site Request Forgery (CSRF)

CVSS: 7.5 • EPSS: 0% • CPEs: 2 • EXPL: 0

15 Mar 2021 — A packet-of-death scenario is possible in mvfst via a specially crafted message during a QUIC session, which causes a crash via a failed assertion. Per the QUIC specification, this particular message should be treated as a connection error. This issue affects mvfst versions prior to commit a67083ff4b8dcbb7ee2839da6338032030d712b0 and proxygen versions prior to v2021.03.15.00. • https://github.com/facebookincubator/mvfst/commit/a67083ff4b8dcbb7ee2839da6338032030d712b0 • CWE-617: Reachable Assertion

CVSS: 9.8 • EPSS: 0% • CPEs: 9 • EXPL: 0

11 Mar 2021 — When unserializing an object with dynamic properties, HHVM needs to pre-reserve the full size of the dynamic property array before inserting anything into it. Otherwise the array might resize, invalidating previously stored references. This pre-reservation was not occurring in HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58.1, 4.59.0, 4.60.0, 4.61.0, 4.62.0. • https://github.com/facebook/hhvm/commit/c1c4bb0cf9e076aafaf4ff3515556ef9faf906f3 • CWE-416: Use After Free

CVSS: 7.5 • EPSS: 0% • CPEs: 9 • EXPL: 0

11 Mar 2021 — The unserialize() function supported a type code, "S", which was meant to be supported only for APC serialization. This type code allowed arbitrary memory addresses to be accessed as if they were static StringData objects. This issue affected HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58.1, 4.59.0, 4.60.0, 4.61.0, 4.62.0. • https://github.com/facebook/hhvm/commit/1107228a5128d3ca1c4add8ac1635d933cbbe2e9 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-822: Untrusted Pointer Dereference

CVSS: 7.5 • EPSS: 0% • CPEs: 9 • EXPL: 0

11 Mar 2021 — The fb_unserialize function did not impose a depth limit for nested deserialization. That meant a maliciously constructed string could cause deserialization to recurse, leading to stack exhaustion. This issue affected HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58.1, 4.59.0, 4.60.0, 4.61.0, 4.62.0. • https://github.com/facebook/hhvm/commit/1746dfb11fc0048366f34669e74318b8278a684c • CWE-674: Uncontrolled Recursion

CVSS: 9.8 • EPSS: 1% • CPEs: 1 • EXPL: 0

10 Mar 2021 — The fbgames protocol handler registered as part of Facebook Gameroom does not properly quote arguments passed to the executable. That allows a malicious URL to cause code execution. This issue affects versions prior to v1.26.0. • https://www.facebook.com/security/advisories/cve-2021-24030 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')