{"id":"CVE-2023-25933","details":"A type confusion bug in TypedArray prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could have been used by a malicious attacker to execute arbitrary code via untrusted JavaScript. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected.","modified":"2026-04-12T07:26:29.693836Z","published":"2023-05-18T22:15:09.750Z","references":[{"type":"FIX","url":"https://github.com/facebook/hermes/commit/e6ed9c1a4b02dc219de1648f44cd808a56171b81"},{"type":"FIX","url":"https://www.facebook.com/security/advisories/cve-2023-25933"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/facebook/hermes","events":[{"introduced":"0"},{"fixed":"e6ed9c1a4b02dc219de1648f44cd808a56171b81"}],"database_specific":{"source":"REFERENCES"}}],"versions":["hermes-2022-04-28-RNv0.69.0-15d07c2edd29a4ea0b8f15ab0588a0c1adb1200f","hermes-2022-07-15-RNv0.70.0-88dd5731a19ab6b38b0a0a2d4386ba959f2a2c98","hermes-2022-11-03-RNv0.71.0-85613e1f9d1216f2cce7e54604be46057092939d","hermes-2023-03-20-RNv0.72.0-49794cfc7c81fb8f69fd60c3bbf85a7480cc5a77","v0.1.0","v0.1.1","v0.10.0","v0.11.0","v0.12.0","v0.2.1","v0.3.0","v0.4.0","v0.5.0","v0.6.0","v0.7.0","v0.8.0","v0.9.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-25933.json","vanir_signatures":[{"source":"https://github.com/facebook/hermes/commit/e6ed9c1a4b02dc219de1648f44cd808a56171b81","id":"CVE-2023-25933-22f1cd0b","signature_type":"Function","signature_version":"v1","deprecated":false,"target":{"function":"inferBinaryBitwise","file":"lib/Optimizer/Scalar/TypeInference.cpp"},"digest":{"function_hash":"244183288744092653219593119058222456090","length":366}},{"source":"https://github.com/facebook/hermes/commit/e6ed9c1a4b02dc219de1648f44cd808a56171b81","id":"CVE-2023-25933-7217635b","signature_type":"Line","signature_version":"v1","deprecated":false,"target":{"file":"include/hermes/VM/HermesValue.h"},"digest":{"line_hashes":["336931968309116850462669742277968446553","299509394037923709807431212749158629785","169282125372886596339269684525963608536"],"threshold":0.9}},{"source":"https://github.com/facebook/hermes/commit/e6ed9c1a4b02dc219de1648f44cd808a56171b81","id":"CVE-2023-25933-74052a61","signature_type":"Function","signature_version":"v1","deprecated":false,"target":{"function":"inferBinaryInst","file":"lib/Optimizer/Scalar/TypeInference.cpp"},"digest":{"function_hash":"86956276143268804146579076321073111345","length":2103}},{"source":"https://github.com/facebook/hermes/commit/e6ed9c1a4b02dc219de1648f44cd808a56171b81","id":"CVE-2023-25933-74c1794d","signature_type":"Line","signature_version":"v1","deprecated":false,"target":{"file":"lib/Optimizer/Scalar/TypeInference.cpp"},"digest":{"line_hashes":["118771179013626882642982892568195606073","8016861606220775059927620988985092726","152841409216909217454005860153543372848","127380054592229484182699249395897055946","290408447022023195909845287747872405741","141273481583623850541722735779603879664","220341937837190503240429377773002327182","219040827131277169782835594942430270384","316003812280555226773844676759808078763","302033363771629961968938231100660686204","247548758421056834761362694635461939921","80786748400859586168895298212070338494","297959158944488956617333772347470577108","267160263947966031850668010691460536075","316134095356359077953841416625426192454","28954704525521148933504007404822163670","334668736518642025213968328535040621921","107035317872143561999334934937955082440","312033574171870869931480538620729018056","177851560174477371319486075165328084045","322688915307330205259282843384821720355","39900426471887192767882585494723637938","46708100742113253573206706171875039313","154009086421358578437468245997216855438"],"threshold":0.9}},{"source":"https://github.com/facebook/hermes/commit/e6ed9c1a4b02dc219de1648f44cd808a56171b81","id":"CVE-2023-25933-76ef3c68","signature_type":"Function","signature_version":"v1","deprecated":false,"target":{"function":"typedArrayPrototypeAt","file":"lib/VM/JSLib/TypedArray.cpp"},"digest":{"function_hash":"46913985563578523541684126239352316832","length":1162}},{"source":"https://github.com/facebook/hermes/commit/e6ed9c1a4b02dc219de1648f44cd808a56171b81","id":"CVE-2023-25933-7857f019","signature_type":"Line","signature_version":"v1","deprecated":false,"target":{"file":"lib/VM/JSLib/TypedArray.cpp"},"digest":{"line_hashes":["84358595366936656521550073894911001200","286542122920275780596472527039175233126","145475748144065922651304348731516691188","294098942309992616003012710929317852597"],"threshold":0.9}},{"source":"https://github.com/facebook/hermes/commit/e6ed9c1a4b02dc219de1648f44cd808a56171b81","id":"CVE-2023-25933-bd9d8b8e","signature_type":"Function","signature_version":"v1","deprecated":false,"target":{"function":"inferBinaryArith","file":"lib/Optimizer/Scalar/TypeInference.cpp"},"digest":{"function_hash":"148250141359981567341427435045414447390","length":615}},{"source":"https://github.com/facebook/hermes/commit/e6ed9c1a4b02dc219de1648f44cd808a56171b81","id":"CVE-2023-25933-f573dfe2","signature_type":"Function","signature_version":"v1","deprecated":false,"target":{"function":"inferUnaryArith","file":"lib/Optimizer/Scalar/TypeInference.cpp"},"digest":{"function_hash":"289960701648422593995811240640000896793","length":484}}],"vanir_signatures_modified":"2026-04-12T07:26:29Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}