CVE-2022-36937

🗓️ 10 May 2023 18:28:20Reported by facebookType

HHVM prior versions use TLS 1.0 for secure connections, vulnerable to CVE-2022-36937

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2022-36937	10 May 202322:14	–	circl
CNNVD	Facebook HHVM 安全漏洞	10 May 202300:00	–	cnnvd
Cvelist	CVE-2022-36937	10 May 202318:28	–	cvelist
EUVD	EUVD-2022-39595	3 Oct 202520:07	–	euvd
NVD	CVE-2022-36937	10 May 202319:15	–	nvd
OSV	UBUNTU-CVE-2022-36937	10 May 202319:15	–	osv
Prion	Design/Logic Flaw	10 May 202319:15	–	prion
Positive Technologies	PT-2023-13512 · Facebook · Hhvm	10 May 202300:00	–	ptsecurity
RedhatCVE	CVE-2022-36937	22 May 202521:53	–	redhatcve
UbuntuCve	CVE-2022-36937	10 May 202319:15	–	ubuntucve

NVD

Node

facebook hhvmRange<4.153.4

facebook hhvmRange4.154.0–4.168.2

facebook hhvmRange4.169.0–4.169.2

facebook hhvmRange4.170.0–4.170.2

facebook hhvmMatch4.171.0

facebook hhvmMatch4.172.0

[
  {
    "defaultStatus": "unaffected",
    "product": "HHVM",
    "vendor": "Facebook",
    "versions": [
      {
        "lessThan": "4.172.1",
        "status": "affected",
        "version": "4.172.0",
        "versionType": "semver"
      },
      {
        "lessThan": "4.171.1",
        "status": "affected",
        "version": "4.171.0",
        "versionType": "semver"
      },
      {
        "lessThan": "4.170.2",
        "status": "affected",
        "version": "4.170.0",
        "versionType": "semver"
      },
      {
        "lessThan": "4.169.2",
        "status": "affected",
        "version": "4.169.0",
        "versionType": "semver"
      },
      {
        "lessThan": "1.168.2",
        "status": "affected",
        "version": "4.154.0",
        "versionType": "semver"
      },
      {
        "lessThan": "4.153.4",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
hhvm	www.hhvm.com/blog/2023/01/20/security-update.html
github	www.github.com/facebook/hhvm/commit/083f5ffdee661f61512909d16f9a5b98cff3cf0b

27 Jan 2025 19:15Current

9.6High risk

Vulners AI Score9.6

CVSS 3.19.8

EPSS0.00836

SSVC

CWE-327