Facebook HHVM
37 CVEs affecting Facebook HHVM. Latest disclosed: 2023-05-10. Critical: 6, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2016-6875 | Critical | 9.8 | 2017-02-17 | Infinite recursion in wddx in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. |
| CVE-2016-6874 | Critical | 9.8 | 2017-02-17 | The array_*_recursive functions in Facebook HHVM before 3.15.0 allow attackers to have unspecified impact via unknown vectors, related to recursion. |
| CVE-2016-6873 | Critical | 9.8 | 2017-02-17 | Self recursion in compact in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. |
| CVE-2016-6872 | Critical | 9.8 | 2017-02-17 | Integer overflow in StringUtil::implode in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. |
| CVE-2016-6871 | Critical | 9.8 | 2017-02-17 | Integer overflow in bcmath in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors, which triggers a buffer overflow. |
| CVE-2016-6870 | Critical | 9.8 | 2017-02-17 | Out-of-bounds write in the (1) mb_detect_encoding, (2) mb_send_mail, and (3) mb_detect_order functions in Facebook HHVM before 3.15.0 allows attackers to have… |
| CVE-2022-36937 | | | 2023-05-10 | HHVM 4.172.0 and all prior versions use TLS 1.0 for secure connections when handling tls:// URLs in the stream extension. TLS 1.0 has numerous published vulnera… |
| CVE-2019-3556 | | | 2021-10-26 | HHVM supports the use of an "admin" server which accepts administrative requests over HTTP. One of those request handlers, dump-pcre-cache, can be used to outp… |
| CVE-2021-24036 | | | 2021-07-23 | Passing an attacker-controlled size when creating an IOBuf could cause integer overflow, leading to an out-of-bounds write on the heap with the possibility of… |
| CVE-2020-1900 | | | 2021-03-11 | When unserializing an object with dynamic properties, HHVM needs to pre-reserve the full size of the dynamic property array before inserting anything into it. O… |
| CVE-2020-1899 | | | 2021-03-11 | The unserialize() function supported a type code, "S", which was meant to be supported only for APC serialization. This type code allowed arbitrary memory addr… |
| CVE-2020-1898 | | | 2021-03-11 | The fb_unserialize function did not impose a depth limit for nested deserialization. That meant a maliciously constructed string could cause deserialization to… |
| CVE-2021-24025 | | | 2021-03-10 | Due to incorrect string size calculations inside the preg_quote function, a large input string passed to the function can trigger an integer overflow leading t… |
| CVE-2020-1921 | | | 2021-03-10 | In the crypt function, we attempt to null terminate a buffer using the size of the input salt without validating that the offset is within the buffer. This iss… |
| CVE-2020-1919 | | | 2021-03-10 | Incorrect bounds calculations in substr_compare could lead to an out-of-bounds read when the second string argument passed in is longer than the first. This is… |
| CVE-2020-1918 | | | 2021-03-10 | In-memory file operations (i.e., using fopen on a data URI) did not properly restrict negative seeking, allowing for the reading of memory prior to the in-memory… |
| CVE-2020-1917 | | | 2021-03-10 | xbuf_format_converter, used as part of exif_read_data, was appending a terminating null character to the generated string, but was not using its standard appen… |
| CVE-2020-1916 | | | 2021-03-10 | An incorrect size calculation in ldap_escape may lead to an integer overflow when overly long input is passed in, resulting in an out-of-bounds write. This iss… |
| CVE-2020-1893 | | | 2020-03-03 | Insufficient boundary checks when decoding JSON in TryParse reads out-of-bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.4… |
| CVE-2020-1892 | | | 2020-03-03 | Insufficient boundary checks when decoding JSON in JSON_parser allows read access to out-of-bounds memory, potentially leading to information leak and DOS. Thi… |