Vulnerability Details : CVE-2021-24045
A type confusion vulnerability could be triggered when resolving the "typeof" unary operator in Facebook Hermes prior to v0.10.0. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected.
Products affected by CVE-2021-24045
- cpe:2.3:a:facebook:hermes:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-24045
0.31%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 70 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-24045
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2021-24045
-
The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.Assigned by:
- cve-assign@fb.com (Secondary)
- nvd@nist.gov (Primary)
References for CVE-2021-24045
-
https://github.com/facebook/hermes/commit/55e1b2343f4deb1a1b5726cfe1e23b2068217ff2
Handle typeof applied to empty in InstSimplify · facebook/hermes@55e1b23 · GitHubPatch;Third Party Advisory
-
https://www.facebook.com/security/advisories/cve-2021-24045
FacebookVendor Advisory
Jump to