CVE-2021-24044 – By passing invalid javascript code where await and yield were called upon non-async and no …

15 January 2022

Vuln ID: CVE-2021-24044

Published: 2022-01-15 01:15:07Z

Description: By passing invalid javascript code where await and yield were called upon non-async and non-generator getter/setter functions, Hermes would invoke generator functions and error out on invalid await/yield positions. This could result in segmentation fault as a consequence of type confusion error, with a low chance of RCE. This issue affects Hermes versions prior to v0.10.0.

Source: NVD.NIST.GOV

Date:

15 January 2022

Categorie(s):

NVD

Tag(s):

NVD

AI Helps Improve About Managed Detection and Response26 April 2024
TikTok, Flowmon, Cisco, Brokewell, RuggedCom, Deepfakes, Non-Competes, Aaran Leyland – SWN #38126 April 2024
Impact of organizational structure on ransomware outcomes: Where does your org fit in?26 April 2024
Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets26 April 2024
Kaiser Permanente handed over 13.4M people’s data to Microsoft, Google, others26 April 2024