vulnerability

Alpine Linux: CVE-2020-1915: Out-of-bounds Read

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:N/A:P)	Oct 26, 2020	Aug 22, 2024	Oct 2, 2024

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:P)

Published

Oct 26, 2020

Added

Aug 22, 2024

Modified

Oct 2, 2024

Description

An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0 allows attackers to cause a denial of service attack or possible further memory corruption via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected.

Solution

alpine-linux-upgrade-hermes

References

CVE-2020-1915
https://attackerkb.com/topics/CVE-2020-1915
URL-https://security.alpinelinux.org/vuln/CVE-2020-1915

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today