{"uuid": "6206eafd-bbbf-43ae-b62a-25ef89039d73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "exploited", "source": "https://t.me/darkcommunityofficial/520", "content": "\ud83d\udd25\ud83d\udd25\ud83d\udd25[0-day] JIT optimisation issue(Issue 1432210, CVE-2023-2033, Blink>JavaScript>Runtime & Blink>JavaScript>Compiler)\n\"There seems to be a JIT optimisation issue allowing attacker to leak TheHole value. Filling this bug now as it is used ITW and we have a PoC demonstrating the issue. This might be an issue similar to CVE-2022-1364.\"\n\nHow to reproduce:\nTheHole leaked when using optimization.\n\ud83d\udcbe$ ./d8 --allow-natives-syntax hole.js\n\nSame code fails with no optimization.\n\ud83d\udcbe$ ./d8 --allow-natives-syntax --no-opt hole.js", "creation_timestamp": "2024-04-26T21:56:54.000000Z"}