40 matches found
CVE-2019-11936
CVE-2019-11936 affects HHVM: various APC functions accept keys containing null bytes, causing input truncation. Affected versions include HHVM before 3.30.12, 4.0.0–4.8.5, 4.9.0–4.23.1, and 4.24.0–4.28.1. The Connected documents corroborate the same affected version ranges and input-truncation be...
CVE-2020-1899
CVE-2020-1899 affects HHVM: the unserialize() type code "S" (meant for APC serialization) could be misused to access arbitrary memory addresses as static StringData objects. Affected HHVM versions include prior to v4.32.3 and ranges 4.33.0–4.62.0 (inclusive) as listed. Root cause is an inappropri...
CVE-2021-24036
CVE-2021-24036 affects folly and HHVM: a vulnerability in IOBuf handling where passing an attacker-controlled size can trigger an integer overflow, causing an out-of-bounds heap write and potential remote code execution. Affected are folly versions prior to 2021.07.22.00 and HHVM versions prior t...
CVE-2020-1898
CVE-2020-1898 affects Facebook HHVM (HipHop Virtual Machine). The vulnerability arises from fb_unserialize deserializing nested data without a depth limit, enabling a crafted input to cause recursive deserialization and stack exhaustion. Affected HHVM versions include before 4.32.3 and multiple r...
CVE-2019-11926
CVE-2019-11926 involves insufficient boundary checks in the GD extension when processing M_SOFx markers in JPEG headers, allowing out-of-bounds memory access via a crafted JPEG input. Affected software: HHVM (HipHop VM) with affected versions listed across 3.30.x and 4.x lines (prior to 3.30.9, v...
CVE-2019-11925
The CVE-2019-11925 entry concerns insufficient boundary checks when processing the JPEG APP12 block marker in the GD extension of HHVM, allowing access to out-of-bounds memory via crafted JPEG input. Affected HHVM versions include pre-3.30.9 and multiple 4.x releases (4.0.0–4.8.3, 4.9.0–4.15.2, 4...
CVE-2019-3569
HHVM with FastCGI binds to all interfaces by default, enabling potential direct access and information disclosure. Affected: HHVM versions 4.3.0–4.8.0, 3.30.5 and below, and all 4.0, 4.1, 4.2 releases. The provided documents specify the exposure vector and vulnerable version ranges but do not inc...
CVE-2020-1888
CVE-2020-1888 affects HHVM across a wide set of versions, with the root cause being insufficient boundary checks when decoding JSON in handleBackslash, causing reads out of bounds and potential DoS. Impact per sources includes high likelihood of denial of service (CVSSv3.1 base score 7.5; CVSSv2 ...
CVE-2020-1900
HHVM (HipHop VM) has a vulnerability CVE-2020-1900 affecting unserialization of objects with dynamic properties. The issue occurs when HHVM does not pre-reserve the full size of the dynamic property array before inserting into it, causing potential array resizing that can invalidate previously st...
CVE-2020-1892
CVE-2020-1892 affects HHVM and related JSON_parser decoding logic. The issue arises from insufficient boundary checks when decoding JSON, allowing read access to out-of-bounds memory and potentially causing information leaks and denial of service. Affected HHVM versions include 4.45.0 down to 4.3...
CVE-2020-1893
CVE-2020-1893: Insufficient boundary checks when decoding JSON in TryParse leads to out-of-bounds reads and potential DOS in HHVM. Affected versions per provided docs include HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0; versions 4.33.0–4.38.0; versions 4.9.0–4.32.0; and all versio...
CVE-2018-6345
The CVE-2018-6345 entry concerns Facebook HHVM’s number_format function. Concrete details from connected sources show a heap overflow in number_format when the second argument ($dec_points) is excessively large, affecting all supported HHVM versions up to 3.30.1 and 3.27.5 and earlier. The underl...
CVE-2022-36937
HHVM 4.172.0 and earlier versions expose TLS 1.0 in the stream extension when handling tls:// URLs via stream_socket_server/stream_socket_client. TLS 1.0 is deprecated and has reported vulnerabilities; the fixed releases replace TLS 1.0 with TLS 1.3 (HHVM 4.153.4, 4.168.2, 4.169.2, 4.170.2, 4.171...
CVE-2018-6334
CVE-2018-6334 affects HHVM, where multipart-file uploads cause variables to be registered in the global scope. Affects all supported HHVM versions prior to the patch: 3.25.1, 3.24.5, 3.21.9 and below. Reported CVSS: 9.8 (CRITICAL, NETWORK, LOW complexity, no auth). Root cause: improper global reg...
CVE-2019-3561
CVE-2019-3561 affects HHVM: Insufficient boundary checks in the strrpos and strripos functions allow access to out-of-bounds memory. Affected versions include HHVM 4.0.3, 3.30.4, 3.27.7 and below. The NVD entry presents high-severity scores (CVSSv2: 7.5/10; CVSSv3: 9.8/10) with network attack vec...
CVE-2018-6332
CVE-2018-6332: A denial-of-service issue in the Proxygen handling of invalid HTTP/2 settings can cause the HHVM Proxygen server to consume disproportionate resources. Affected: HHVM versions 3.24.3 and 3.21.7 and earlier when using the proxygen HTTP/2 handler. Root cause and impact are described ...
CVE-2016-1000109
HHVM is vulnerable to an httpoxy-style issue where untrusted data in the HTTP_PROXY variable can redirect a CGI app’s outbound traffic to an arbitrary proxy. Affected HHVM ranges include pre-3.9.6, 3.10.0–3.12.4, and 3.13.0–3.14.2. The CVE-2016-1000109 description confirms the root cause as RFC 3...
CVE-2018-6335
CVE-2018-6335 affects HHVM's proxygen HTTP/2 handling. A malformed h2 frame can trigger a std::out_of_range exception during parsing of priority metadata, leading to a denial-of-service. Affected versions are HHVM 3.25.2, 3.24.6, 3.21.10 and earlier when using the proxygen server. The vulnerabili...
CVE-2016-6874
CVE-2016-6874 affects Facebook HHVM (before 3.15.0) via the array_*_recursive functions, enabling unspecified impact through recursion. The available connected docs confirm the affected component and root cause (recursion in specific functions) but do not provide concrete exploit details, vectors...
CVE-2019-11929
CVE-2019-11929 affects HHVM. The issue is insufficient boundary checks when formatting numbers in number_format, enabling read/write access to out-of-bounds memory and potentially remote code execution. Affected HHVM versions include prior to 3.30.10, and all 4.x releases up to 4.23.0 (specifical...
CVE-2016-1000006
CVE-2016-1000006 affects hhvm before 3.12.11, with a use-after-free in the serialize_memoize_param() and ResourceBundle::__construct() functions. The connected documents provide the same description but do not specify an affected platform beyond this, nor concrete impact details, exploits, or a p...
CVE-2016-1000005
CVE-2016-1000005 concerns HHVM where mcrypt_get_block_size does not enforce that the module parameter is a string, causing type confusion. Affected versions: HHVM
CVE-2018-6340
The CVE-2018-6340 issue affects Facebook HHVM where the Memcache::getextendedstats function can trigger an out-of-bounds read. The vulnerability requires control over memcached hostnames/ports and impacts all supported HHVM versions up to 3.30 and 3.27.4 and earlier. The root cause is an out-of-b...
CVE-2019-3556
The CVE-2019-3556 issue affects HHVM where the admin server’s dump-pcre-cache handler accepts an unvalidated filesystem path parameter, enabling a malicious user to overwrite arbitrary files with the privileges of the HHVM user. This can write to arbitrary locations and is tied to HHVM versions: ...
CVE-2021-24025
The CVE-2021-24025 issue is an overflow in HHVM’s preg_quote handling caused by incorrect string size calculations, leading to a heap overflow. Affected are HHVM versions prior to 4.56.3, all releases 4.57.0–4.80.1, 4.81.0–4.93.1, and 4.94.0–4.98.0. The vulnerability is documented across multiple...
CVE-2016-1000004
CVE-2016-1000004 affects Facebook HHVM:Insufficient type checks before casting input data in SimpleXMLElement_exportNode and simplexml_import_dom. Impacted are HHVM variants prior to 3.9.5, 3.10.0–3.12.3 (inclusive), and 3.13.0–3.14.1 (inclusive). The vulnerability arises from type-validation gap...
CVE-2016-6871
CVE-2016-6871: Integer overflow in Bcmath within Facebook HHVM before 3.15.0 can trigger a buffer overflow via unknown vectors, with unspecified impact. Affected product: Facebook HHVM (HipHop VM). Practical impact is described as overflow-related, but the exact exploit scenarios are not detailed...
CVE-2016-6872
CVE-2016-6872 involves an integer overflow in StringUtil::implode in Facebook HHVM prior to 3.15.0. The vulnerability has a high/severe impact profile (CVSS v3.0: CRITICAL, 9.8; v2.0: HIGH, 7.5) with network attack vector and no authentication required. The reports state that the overflow could e...
CVE-2016-6875
CVE-2016-6875 corresponds to an infinite recursion in WDDX handling in Facebook HHVM prior to 3.15.0. The vulnerability statement notes an unspecified impact via unknown vectors. The linked metrics assign a high base score (CVSSv2: 7.5; CVSSv3: 9.8) with network access and low attack complexity, ...
CVE-2020-1917
The CVE-2020-1917 issue is a concrete bug in xbuf_format_converter (part of exif_read_data) in HHVM. It appends a terminating null without the normal append path, enabling an out-of-bounds write when the buffer is full. Affected HHVM versions include: prior to 4.56.3, 4.57.0–4.80.1, 4.81.0–4.93.1...
CVE-2018-6337
The CVE-2018-6337 issue affects HHVM and the folly library, caused by folly::secureRandom re-using a buffer between parent and child processes after fork(). This can lead to repeated or correlated random outcomes across multiple forked children. Affected products/versions: HHVM prior to 3.26.3; f...
CVE-2019-11930
HHVM contains an invalid free in mb_detect_order that can crash the process or allow remote code execution. Affected versions include HHVM prior to 3.30.12, 4.0.0–4.8.5, 4.9.0–4.23.1, and 4.24.0–4.28.1. The issue is caused by improper memory management in mb_detect_order. Mitigation is to upgrade...
CVE-2019-3557
CVE-2019-3557 affects HHVM, specifically all supported versions up to 3.30 and 3.27.4 and below. The root cause is improper readImpl implementations for streams backed by bz2 and php://output, which returned -1, causing some stream functions (for example, stream_get_line) to trigger an out-of-bou...
CVE-2020-1918
CVE-2020-1918 affects HHVM: reading memory prior to the in‑memory buffer via fopen on a data URI due to improper restriction of negative seeking. Affected versions include HHVM before 4.56.3, 4.57.0–4.80.1, 4.81.0–4.93.1, and 4.94.0–4.98.0. The provided documents do not specify a final patched ve...
CVE-2016-6873
CVE-2016-6873 affects Facebook HHVM before 3.15.0. The vulnerability is caused by self recursion in the compact function, leading to unspecified impact via unknown vectors. Public records (NVD/NSS OSV) describe a high-severity, network-exploitable issue with potential partial confidentiality/inte...
CVE-2016-6870
CVE-2016-6870 affects Facebook HHVM prior to 3.15.0. The vulnerability is an out-of-bounds write in the third-party/multibyte-related functions: mb_detect_encoding, mb_send_mail, and mb_detect_order, leading to unspecified impact through unknown vectors. The provided public documents do not speci...
CVE-2019-11935
CVE-2019-11935 arises from insufficient boundary checks in mb_ereg_replace, allowing access to out-of-bounds memory. Connected sources confirm affected software as HHVM before 3.30.12 and the 4.x series: 4.0.0–4.8.5, 4.9.0–4.23.1, and 4.24.0–4.28.1. The NVD metrics indicate a high/severe impact (...
CVE-2020-1921
CVE-2020-1921 affects HHVM: the crypt function may terminate a buffer using the salt length without verifying the offset lies inside the buffer. Affected HHVM versions include before 4.56.3, 4.57.0–4.80.1, 4.81.0–4.93.1, and 4.94.0–4.98.0. The initial description provides the vulnerable condition...
CVE-2020-1916
CVE-2020-1916 involves an incorrect size calculation in ldap_escape that can cause an integer overflow and an out-of-bounds write. Affected software is HHVM versions prior to 4.56.2, and all versions between 4.57.0 and 4.83.0 (including 4.78.x, 4.79.x, 4.80.x, 4.81.x, 4.82.x, 4.83.x). The root ca...
CVE-2020-1919
CVE-2020-1919 affects HHVM: incorrect bounds calculations in substr_compare could cause an out-of-bounds read when the second string arg is longer than the first. Affected versions include all HHVM builds prior to 4.56.3, 4.57.0–4.80.1, 4.81.0–4.93.1, and 4.94.0–4.98.0. The connected documents pr...