{"id":"CVE-2023-23557","details":"An error in Hermes' algorithm for copying object properties, present in versions prior to commit a00d237346894c6067a594983be6634f4168c9ad, could be used by an attacker to execute arbitrary code via type confusion. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected.","modified":"2026-04-12T07:25:18.599489Z","published":"2023-05-18T22:15:09.540Z","database_specific":{"unresolved_ranges":[{"cpe":"cpe:2.3:a:facebook:hermes:*:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"fixed":"2023-01-10"}]}]},"references":[{"type":"FIX","url":"https://github.com/facebook/hermes/commit/a00d237346894c6067a594983be6634f4168c9ad"},{"type":"FIX","url":"https://www.facebook.com/security/advisories/cve-2023-23557"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/facebook/hermes","events":[{"introduced":"0"},{"fixed":"a00d237346894c6067a594983be6634f4168c9ad"}],"database_specific":{"source":"REFERENCES"}}],"versions":["hermes-2022-04-28-RNv0.69.0-15d07c2edd29a4ea0b8f15ab0588a0c1adb1200f","hermes-2022-07-15-RNv0.70.0-88dd5731a19ab6b38b0a0a2d4386ba959f2a2c98","hermes-2022-11-03-RNv0.71.0-85613e1f9d1216f2cce7e54604be46057092939d","v0.1.0","v0.1.1","v0.10.0","v0.11.0","v0.12.0","v0.2.1","v0.3.0","v0.4.0","v0.5.0","v0.6.0","v0.7.0","v0.8.0","v0.9.0"],"database_specific":{"vanir_signatures":[{"deprecated":false,"source":"https://github.com/facebook/hermes/commit/a00d237346894c6067a594983be6634f4168c9ad","signature_version":"v1","digest":{"length":2320,"function_hash":"8395603693698833939534980291523318968"},"signature_type":"Function","id":"CVE-2023-23557-02894e1c","target":{"file":"lib/VM/JSLib/HermesBuiltin.cpp","function":"copyDataPropertiesSlowPath_RJS"}},{"deprecated":false,"source":"https://github.com/facebook/hermes/commit/a00d237346894c6067a594983be6634f4168c9ad","signature_version":"v1","digest":{"line_hashes":["776270205975371292744941861
82116957713","229681405995999209748563542684463771875","101649061889427670724126921299133898665","86018539367285934929526100720264182212","33487740629654664825913083581045844412","193897989513804375622153393972872860077","277564282975645437591822380018736748488","112643499639199942202607250416064789274","270747886387742996922051881990963001589","308371544382695045525090257873447451652","170967911116524248165279416188959039664","250895477241647975225062273855214121139","203973018404123638894090593720568051885","179361213868422231881822291723891865820","288296997727176142438815503438246724802","141606201955996406519322802485975749699","175900176767969450832702885143858413835","56191818645604432493974082368583872103","116444120346204695034001680112211927869","253012822976032640900097718633084555065","298663305113426917555504953333386150905","166277646441673397650885952230986727303","22910912513970594542665255220016435542","290893221946458496625473183928021022587","286206647176154286588139365493737178726","258364155691293956256725874979068866533","232171521363151848080318833303528832964","243142768503722443173766802757986541710","142468980540149585008122041662328359387"],"threshold":0.9},"signature_type":"Line","id":"CVE-2023-23557-3bd6282b","target":{"file":"lib/VM/JSLib/HermesBuiltin.cpp"}},{"deprecated":false,"source":"https://github.com/facebook/hermes/commit/a00d237346894c6067a594983be6634f4168c9ad","signature_version":"v1","digest":{"line_hashes":["193426243138791153072749391442658939339","135796777696127301412320752450796660176","334255473916679492100366393447494822222"],"threshold":0.9},"signature_type":"Line","id":"CVE-2023-23557-65e10e61","target":{"file":"unittests/API/APITest.cpp"}},{"deprecated":false,"source":"https://github.com/facebook/hermes/commit/a00d237346894c6067a594983be6634f4168c9ad","signature_version":"v1","digest":{"length":2854,"function_hash":"298634487191324420472805239785196329758"},"signature_type":"Function","id":"CVE-2023-23557-d4875896"
,"target":{"file":"lib/VM/JSLib/HermesBuiltin.cpp","function":"hermesBuiltinCopyDataProperties"}}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-23557.json","vanir_signatures_modified":"2026-04-12T07:25:18Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}