CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2022-36937
https://notcve.org/view.php?id=CVE-2022-36937
10 May 2023 — HHVM 4.172.0 and all prior versions use TLS 1.0 for secure connections when handling tls:// URLs in the stream extension. TLS1.0 has numerous published vulnerabilities and is deprecated. HHVM 4.153.4, 4.168.2, 4.169.2, 4.170.2, 4.171.1, 4.172.1, 4.173.0 replaces TLS1.0 with TLS1.3. Applications that call stream_socket_server or stream_socket_client functions with a URL starting with tls:// are affected. • https://github.com/facebook/hhvm/commit/083f5ffdee661f61512909d16f9a5b98cff3cf0b • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 8.1EPSS: 1%CPEs: 7EXPL: 0CVE-2019-3556
https://notcve.org/view.php?id=CVE-2019-3556
26 Oct 2021 — HHVM supports the use of an "admin" server which accepts administrative requests over HTTP. One of those request handlers, dump-pcre-cache, can be used to output cached regular expressions from the current execution context into a file. The handler takes a parameter which specifies where on the filesystem to write this data. The parameter is not validated, allowing a malicious user to overwrite arbitrary files where the user running HHVM has write access. This issue affects HHVM versions prior to 4.56.2, al... • https://github.com/facebook/hhvm/commit/abe0b29e4d3a610f9bc920b8be4ad8403364c2d4 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 2%CPEs: 10EXPL: 0CVE-2021-24036
https://notcve.org/view.php?id=CVE-2021-24036
23 Jul 2021 — Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds write on the heap with the possibility of remote code execution. This issue affects versions of folly prior to v2021.07.22.00. This issue affects HHVM versions prior to 4.80.5, all versions between 4.81.0 and 4.102.1, all versions between 4.103.0 and 4.113.0, and versions 4.114.0, 4.115.0, 4.116.0, 4.117.0, 4.118.0 and 4.118.1. Pasar un tamaño controlado por un atacante al crear un IOBuf podr... • https://github.com/facebook/folly/commit/4f304af1411e68851bdd00ef6140e9de4616f7d3 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-1921
https://notcve.org/view.php?id=CVE-2020-1921
10 Mar 2021 — In the crypt function, we attempt to null terminate a buffer using the size of the input salt without validating that the offset is within the buffer. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, and versions 4.94.0, 4.95.0, 4.96.0, 4.97.0, 4.98.0. En la función crypt, intentamos anular la finalización de un búfer usando el tamaño de la sal de entrada sin comprobar que el desplazamiento esté dentro del búfer. Este prob... • https://github.com/facebook/hhvm/commit/08193b7f0cd3910256e00d599f0f3eb2519c44ca • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-24025
https://notcve.org/view.php?id=CVE-2021-24025
10 Mar 2021 — Due to incorrect string size calculations inside the preg_quote function, a large input string passed to the function can trigger an integer overflow leading to a heap overflow. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, and versions 4.94.0, 4.95.0, 4.96.0, 4.97.0, 4.98.0. Debido a cálculos de tamaño de cadena incorrectos dentro de la función preg_quote, una cadena de entrada grande pasada a la función puede desencadenar ... • https://github.com/facebook/hhvm/commit/08193b7f0cd3910256e00d599f0f3eb2519c44ca • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-1919
https://notcve.org/view.php?id=CVE-2020-1919
10 Mar 2021 — Incorrect bounds calculations in substr_compare could lead to an out-of-bounds read when the second string argument passed in is longer than the first. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, and versions 4.94.0, 4.95.0, 4.96.0, 4.97.0, 4.98.0. Unos cálculos de límites incorrectos en la función substr_compare podrían conllevar a una lectura fuera de límites cuando el segundo argumento de cadena pasado es más largo que ... • https://github.com/facebook/hhvm/commit/08193b7f0cd3910256e00d599f0f3eb2519c44ca • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-1917
https://notcve.org/view.php?id=CVE-2020-1917
10 Mar 2021 — xbuf_format_converter, used as part of exif_read_data, was appending a terminating null character to the generated string, but was not using its standard append char function. As a result, if the buffer was full, it would result in an out-of-bounds write. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, and versions 4.94.0, 4.95.0, 4.96.0, 4.97.0, 4.98.0. La función xbuf_format_converter, usada como parte de exif_read_data, est... • https://github.com/facebook/hhvm/commit/08193b7f0cd3910256e00d599f0f3eb2519c44ca • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-1918
https://notcve.org/view.php?id=CVE-2020-1918
10 Mar 2021 — In-memory file operations (ie: using fopen on a data URI) did not properly restrict negative seeking, allowing for the reading of memory prior to the in-memory buffer. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, and versions 4.94.0, 4.95.0, 4.96.0, 4.97.0, 4.98.0. Las operaciones de archivos en memoria (es decir, usando fopen en un URI de datos) no restringieron apropiadamente la búsqueda negativa, permitiendo la lectura d... • https://github.com/facebook/hhvm/commit/08193b7f0cd3910256e00d599f0f3eb2519c44ca • CWE-125: Out-of-bounds Read CWE-127: Buffer Under-read •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2020-1916
https://notcve.org/view.php?id=CVE-2020-1916
10 Mar 2021 — An incorrect size calculation in ldap_escape may lead to an integer overflow when overly long input is passed in, resulting in an out-of-bounds write. This issue affects HHVM prior to 4.56.2, all versions between 4.57.0 and 4.78.0, 4.79.0, 4.80.0, 4.81.0, 4.82.0, 4.83.0. Un cálculo de tamaño incorrecto en la función ldap_escape puede conllevar a un desbordamiento de enteros cuando es pasada una entrada demasiado larga, resultando en una escritura fuera de límites. Este problema afecta a HHVM versiones ... • https://github.com/facebook/hhvm/commit/abe0b29e4d3a610f9bc920b8be4ad8403364c2d4 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •