๐Ÿ” CVE Alert

CVE-2022-27810

UNKNOWN 0.0
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

It was possible to trigger an infinite recursion condition in the error handler when Hermes executed specific maliciously formed JavaScript. This condition was only possible to trigger in dev-mode (when asserts were enabled). This issue affects Hermes versions prior to v0.12.0.

CWE CWE-674
Vendor facebook
Product hermes
Published Oct 6, 2022
Last Updated Aug 3, 2024
Stay Ahead of the Next One

Get instant alerts for facebook hermes

Be the first to know when new unknown vulnerabilities affecting facebook hermes are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Facebook / Hermes
unspecified < 0.12.0

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
facebook.com: https://www.facebook.com/security/advisories/cve-2022-27810