VYPR
Unrated severityNVD Advisory· Published May 18, 2023· Updated Jan 21, 2025

CVE-2023-28081

CVE-2023-28081

Description

A bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could be used to cause an use-after-free and obtain arbitrary code execution via a carefully crafted payload. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Range: < commit e6ed9c1a4b02dc219de1648f44cd808a56171b81
  • Facebook/Hermesv5
    Range: 0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.