CVE-2020-1915 - OpenCVE

An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0 allows attackers to cause a denial of service attack or possible further memory corruption via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Facebook	Hermes

Configuration 1 [-]

cpe:2.3:a:facebook:hermes:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/facebook/hermes/commit/8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0
https://www.facebook.com/security/advisories/cve-2020-1915

History

No history.

MITRE

Status: PUBLISHED

Assigner: facebook

Published: 2020-10-26T20:20:13

Updated: 2024-08-04T06:53:59.849Z

Reserved: 2019-12-02T00:00:00

Link: CVE-2020-1915

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-10-26T21:15:12.193

Modified: 2020-11-02T16:37:07.797

Link: CVE-2020-1915

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Hermes", "vendor": "Facebook", "versions": [{"status": "affected", "version": "commit prior to 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0"}]}], "dateAssigned": "2020-10-26T00:00:00", "descriptions": [{"lang": "en", "value": "An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0 allows attackers to cause a denial of service attack or possible further memory corruption via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-10-26T20:20:13", "orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827", "shortName": "facebook"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.facebook.com/security/advisories/cve-2020-1915"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/facebook/hermes/commit/8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve-assign@fb.com", "DATE_ASSIGNED": "2020-10-26", "ID": "CVE-2020-1915", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Hermes", "version": {"version_data": [{"version_value": "commit prior to 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0"}]}}]}, "vendor_name": "Facebook"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0 allows attackers to cause a denial of service attack or possible further memory corruption via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-125: Out-of-bounds Read"}]}]}, "references": {"reference_data": [{"name": "https://www.facebook.com/security/advisories/cve-2020-1915", "refsource": "CONFIRM", "url": "https://www.facebook.com/security/advisories/cve-2020-1915"}, {"name": "https://github.com/facebook/hermes/commit/8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0", "refsource": "CONFIRM", "url": "https://github.com/facebook/hermes/commit/8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T06:53:59.849Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.facebook.com/security/advisories/cve-2020-1915"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/facebook/hermes/commit/8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0"}]}]}, "cveMetadata": {"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827", "assignerShortName": "facebook", "cveId": "CVE-2020-1915", "datePublished": "2020-10-26T20:20:13", "dateReserved": "2019-12-02T00:00:00", "dateUpdated": "2024-08-04T06:53:59.849Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:facebook:hermes:*:*:*:*:*:*:*:*", "matchCriteriaId": "77CAD963-CD06-4E04-89C0-86B1EEB63268", "versionEndExcluding": "2020-09-25", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0 allows attackers to cause a denial of service attack or possible further memory corruption via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected."}, {"lang": "es", "value": "Una lectura fuera de l\u00edmites en el int\u00e9rprete de JavaScript en Facebook Hermes anterior al commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0, permite a atacantes causar un ataque de denegaci\u00f3n de servicio o una posible corrupci\u00f3n adicional de la memoria por medio de un JavaScript dise\u00f1ado. Tome en cuenta que esto solo puede ser aprovechado si la aplicaci\u00f3n que usa Hermes permite la evaluaci\u00f3n de un JavaScript que no es confiable. Por consiguiente, la mayor\u00eda de las aplicaciones React Native no est\u00e1n afectadas"}], "id": "CVE-2020-1915", "lastModified": "2020-11-02T16:37:07.797", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-10-26T21:15:12.193", "references": [{"source": "cve-assign@fb.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/facebook/hermes/commit/8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0"}, {"source": "cve-assign@fb.com", "tags": ["Vendor Advisory"], "url": "https://www.facebook.com/security/advisories/cve-2020-1915"}], "sourceIdentifier": "cve-assign@fb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-125"}], "source": "cve-assign@fb.com", "type": "Secondary"}]}