CVE-2020-1892

🗓️ 03 Mar 2020 15:00:26Reported by facebookType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 74 Views

Insufficient boundary checks in JSON_parser, leading to memory access and DO

Reporter	Title	Published	Views	Family All 9
Cvelist	CVE-2020-1892	3 Mar 202015:00	–	cvelist
EUVD	EUVD-2020-12718	7 Oct 202500:30	–	euvd
NVD	CVE-2020-1892	3 Mar 202015:15	–	nvd
OpenVAS	HHVM Multiple Vulnerabilities (Mar 2020)	6 Mar 202000:00	–	openvas
OSV	UBUNTU-CVE-2020-1892	3 Mar 202015:15	–	osv
Prion	Design/Logic Flaw	3 Mar 202015:15	–	prion
RedhatCVE	CVE-2020-1892	22 May 202517:40	–	redhatcve
UbuntuCve	CVE-2020-1892	3 Mar 202015:15	–	ubuntucve
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2020-1892	10 Sep 202500:00	–	nessus

NVD

Node

facebook hhvmRange<4.8.7

facebook hhvmRange4.9.0–4.32.0

facebook hhvmRange4.33.0–4.38.0

facebook hhvmMatch4.39.0

facebook hhvmMatch4.40.0

facebook hhvmMatch4.41.0

facebook hhvmMatch4.42.0

facebook hhvmMatch4.43.0

facebook hhvmMatch4.44.0

facebook hhvmMatch4.45.0

[
  {
    "product": "HHVM",
    "vendor": "Facebook",
    "versions": [
      {
        "status": "affected",
        "version": "4.45.1"
      },
      {
        "status": "affected",
        "version": "4.45.0"
      },
      {
        "status": "affected",
        "version": "4.44.1"
      },
      {
        "status": "affected",
        "version": "4.44.0"
      },
      {
        "status": "affected",
        "version": "4.43.1"
      },
      {
        "status": "affected",
        "version": "4.43.0"
      },
      {
        "status": "affected",
        "version": "4.42.1"
      },
      {
        "status": "affected",
        "version": "4.42.0"
      },
      {
        "status": "affected",
        "version": "4.41.1"
      },
      {
        "status": "affected",
        "version": "4.41.0"
      },
      {
        "status": "affected",
        "version": "4.40.1"
      },
      {
        "status": "affected",
        "version": "4.40.0"
      },
      {
        "status": "affected",
        "version": "4.39.1"
      },
      {
        "status": "affected",
        "version": "4.39.0"
      },
      {
        "status": "affected",
        "version": "4.38.1"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "4.33.0",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "4.32.1"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "4.9.0",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "4.8.7"
      },
      {
        "lessThanOrEqual": "4.8.6",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
hhvm	www.hhvm.com/blog/2020/02/20/security-update.html
github	www.github.com/facebook/hhvm/commit/dabd48caf74995e605f1700344f1ff4a5d83441d

21 Nov 2024 05:11Current

7.7High risk

Vulners AI Score7.7

CVSS 26.4

CVSS 3.18.1

EPSS0.00611

CWE-125