A logic vulnerability when handling the SaveGeneratorLong instruction in Facebook Hermes prior to commit b2021df620824627f5a8c96615edbd1eb7fdddfc allows attackers to potentially read out of bounds or theoretically execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected.
CVE-2020-1914 - Critical Severity Vulnerability
Library home page: https://registry.npmjs.org/hermes-engine/-/hermes-engine-0.0.0.tgz
Path to dependency file: /package.json
Path to vulnerable library: /package.json
Dependency Hierarchy: - react-native-0.62.2.tgz (Root Library) - :x: **hermes-engine-0.0.0.tgz** (Vulnerable Library)
Found in HEAD commit: 7fe36112d3d63b30268969f509f9eb39f8ee6eb8
Found in base branch: master
A logic vulnerability when handling the SaveGeneratorLong instruction in Facebook Hermes prior to commit b2021df620824627f5a8c96615edbd1eb7fdddfc allows attackers to potentially read out of bounds or theoretically execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected.
Publish Date: 2020-10-08
URL: CVE-2020-1914
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here.Type: Upgrade version
Origin: https://github.com/advisories/GHSA-327c-qx3v-h673
Release Date: 2020-10-20
Fix Resolution: hermes-engine - 0.7.2
Step up your Open Source Security Game with Mend here