Vulnerabilities > Facebook > Hermes > 0.7.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-15 | CVE-2021-24037 | Use After Free vulnerability in Facebook Hermes A use after free in hermes, while emitting certain error messages, prior to commit d86e185e485b6330216dee8e854455c694e3a36e allows attackers to potentially execute arbitrary code via crafted JavaScript. | 9.8 |
| 2020-10-26 | CVE-2020-1915 | Out-of-bounds Read vulnerability in Facebook Hermes An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0 allows attackers to cause a denial of service attack or possible further memory corruption via crafted JavaScript. | 7.5 |
| 2020-10-08 | CVE-2020-1914 | Always-Incorrect Control Flow Implementation vulnerability in Facebook Hermes A logic vulnerability when handling the SaveGeneratorLong instruction in Facebook Hermes prior to commit b2021df620824627f5a8c96615edbd1eb7fdddfc allows attackers to potentially read out of bounds or theoretically execute arbitrary code via crafted JavaScript. | 9.8 |