Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.24 views

Linux Distros Unpatched Vulnerability : CVE-2020-1898

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The fbunserialize function did not impose a depth limit for nested deserialization. That meant a maliciously constructed string could cause deserialization to...

7.5CVSS7.5AI score0.01211EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 5:40 p.m.8 views

CVE-2020-1898

The fbunserialize function did not impose a depth limit for nested deserialization. That meant a maliciously constructed string could cause deserialization to recurse, leading to stack exhaustion. This issue affected HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58....

7.5CVSS6.8AI score0.01211EPSS
Exploits0
NVD
NVD
added 2021/03/11 1:15 a.m.21 views

CVE-2020-1898

The fbunserialize function did not impose a depth limit for nested deserialization. That meant a maliciously constructed string could cause deserialization to recurse, leading to stack exhaustion. This issue affected HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58....

7.5CVSS0.01211EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2021/03/11 1:15 a.m.37 views

CVE-2020-1898

The fbunserialize function did not impose a depth limit for nested deserialization. That meant a maliciously constructed string could cause deserialization to recurse, leading to stack exhaustion. This issue affected HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58....

7.5CVSS7.1AI score0.01211EPSS
Exploits0References3
OSV
OSV
added 2021/03/11 1:15 a.m.6 views

UBUNTU-CVE-2020-1898

The fbunserialize function did not impose a depth limit for nested deserialization. That meant a maliciously constructed string could cause deserialization to recurse, leading to stack exhaustion. This issue affected HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58....

7.5CVSS5.8AI score0.01211EPSS
Exploits0References4
CVE
CVE
added 2021/03/11 12:55 a.m.94 views

CVE-2020-1898

CVE-2020-1898 affects Facebook HHVM (HipHop Virtual Machine). The vulnerability arises from fb_unserialize deserializing nested data without a depth limit, enabling a crafted input to cause recursive deserialization and stack exhaustion. Affected HHVM versions include before 4.32.3 and multiple r...

7.5CVSS7.5AI score0.01211EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder