{"id":"CVE-2023-24833","details":"A use-after-free in BigIntPrimitive addition in Hermes prior to commit a6dcafe6ded8e61658b40f5699878cd19a481f80 could have been used by an attacker to leak raw data from Hermes VM’s heap. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected.","modified":"2026-04-12T06:21:04.432387Z","published":"2023-05-18T22:15:09.700Z","references":[{"type":"FIX","url":"https://github.com/facebook/hermes/commit/a6dcafe6ded8e61658b40f5699878cd19a481f80"},{"type":"FIX","url":"https://www.facebook.com/security/advisories/cve-2023-24833"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/facebook/hermes","events":[{"introduced":"0"},{"fixed":"a6dcafe6ded8e61658b40f5699878cd19a481f80"}]},{"type":"GIT","repo":"https://github.com/facebook/hermes","events":[{"introduced":"0"},{"fixed":"a6dcafe6ded8e61658b40f5699878cd19a481f80"}]}],"versions":["hermes-2022-04-28-RNv0.69.0-15d07c2edd29a4ea0b8f15ab0588a0c1adb1200f","hermes-2022-07-15-RNv0.70.0-88dd5731a19ab6b38b0a0a2d4386ba959f2a2c98","hermes-2022-11-03-RNv0.71.0-85613e1f9d1216f2cce7e54604be46057092939d","v0.1.0","v0.1.1","v0.10.0","v0.11.0","v0.12.0","v0.2.1","v0.3.0","v0.4.0","v0.5.0","v0.6.0","v0.7.0","v0.8.0","v0.9.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-24833.json","vanir_signatures_modified":"2026-04-12T06:21:04Z","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"2023-02-02"}]}],"vanir_signatures":[{"source":"https://github.com/facebook/hermes/commit/a6dcafe6ded8e61658b40f5699878cd19a481f80","target":{"file":"lib/VM/Operations.cpp"},"deprecated":false,"signature_version":"v1","digest":{"line_hashes":["116023603249055942204871578289526150818","157465235683486666630666541987617012353","324844226610994754364777013170485823662","305436130329384601449460512141132589680","256784880773286649680719239257047737024"],"threshold":0.9},"id":"CVE-2023-24833-145a8f24","signature_type":"Line"},{"source":"https://github.com/facebook/hermes/commit/a6dcafe6ded8e61658b40f5699878cd19a481f80","target":{"function":"toDouble","file":"lib/Support/BigIntSupport.cpp"},"deprecated":false,"signature_version":"v1","digest":{"length":281,"function_hash":"182465140115176206595651731294451484989"},"id":"CVE-2023-24833-1b1293fa","signature_type":"Function"},{"source":"https://github.com/facebook/hermes/commit/a6dcafe6ded8e61658b40f5699878cd19a481f80","target":{"file":"lib/Support/BigIntSupport.cpp"},"deprecated":false,"signature_version":"v1","digest":{"line_hashes":["159108049424863460441355083818936485829","160020135003896613308550930136518706150","312483450123792388199485599228294266894","30932606837278682447139067601811061633"],"threshold":0.9},"id":"CVE-2023-24833-26f67e81","signature_type":"Line"},{"source":"https://github.com/facebook/hermes/commit/a6dcafe6ded8e61658b40f5699878cd19a481f80","target":{"file":"lib/VM/JSLib/Array.cpp"},"deprecated":false,"signature_version":"v1","digest":{"line_hashes":["327584473803952423536992197582374868669","7771634333197280731037778234458644585","94602761196101625413231949479955562725","246489650203966278907648881022758586812","181586388229243172966848421284771673939","335352610645303177993059854685458401532","305482378050391684812655155477165124418","5595740571188832623618342286973301592","278285489027415498589782065420222616769","44085747458836909365017973400137115795"],"threshold":0.9},"id":"CVE-2023-24833-e833c902","signature_type":"Line"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}