CVE-2020-1900
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
When unserializing an object with dynamic properties HHVM needs to pre-reserve the full size of the dynamic property array before inserting anything into it. Otherwise the array might resize, invalidating previously stored references. This pre-reservation was not occurring in HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58.1, 4.59.0, 4.60.0, 4.61.0, 4.62.0.
Cuando se anula la serialización de un objeto con propiedades dinámicas, HHVM necesita reservar previamente el tamaño completo de la matriz de propiedades dinámicas antes de insertar algo en ella. De lo contrario, la matriz podría cambiar de tamaño, invalidando las referencias almacenadas previamente. Esta reserva previa no estaba ocurriendo en HHVM versiones anteriores a v4.32.3, entre las versiones 4.33.0 y 4.56.0, 4.57.0, 4.58.0, 4.58.1, 4.59.0, 4.60.0, 4.61.0, 4.62 .0
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-12-02 CVE Reserved
- 2021-03-11 CVE Published
- 2023-11-24 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-416: Use After Free
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/facebook/hhvm/commit/c1c4bb0cf9e076aafaf4ff3515556ef9faf906f3 | 2021-03-18 |
| URL | Date | SRC |
|---|---|---|
| https://hhvm.com/blog/2020/06/30/security-update.html | 2021-03-18 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Facebook Search vendor "Facebook" | Hhvm Search vendor "Facebook" for product "Hhvm" | < 4.32.3 Search vendor "Facebook" for product "Hhvm" and version " < 4.32.3" | - |
Affected
| ||||||
| Facebook Search vendor "Facebook" | Hhvm Search vendor "Facebook" for product "Hhvm" | >= 4.33.0 < 4.56.1 Search vendor "Facebook" for product "Hhvm" and version " >= 4.33.0 < 4.56.1" | - |
Affected
| ||||||
| Facebook Search vendor "Facebook" | Hhvm Search vendor "Facebook" for product "Hhvm" | 4.57.0 Search vendor "Facebook" for product "Hhvm" and version "4.57.0" | - |
Affected
| ||||||
| Facebook Search vendor "Facebook" | Hhvm Search vendor "Facebook" for product "Hhvm" | 4.58.0 Search vendor "Facebook" for product "Hhvm" and version "4.58.0" | - |
Affected
| ||||||
| Facebook Search vendor "Facebook" | Hhvm Search vendor "Facebook" for product "Hhvm" | 4.58.1 Search vendor "Facebook" for product "Hhvm" and version "4.58.1" | - |
Affected
| ||||||
| Facebook Search vendor "Facebook" | Hhvm Search vendor "Facebook" for product "Hhvm" | 4.59.0 Search vendor "Facebook" for product "Hhvm" and version "4.59.0" | - |
Affected
| ||||||
| Facebook Search vendor "Facebook" | Hhvm Search vendor "Facebook" for product "Hhvm" | 4.60.0 Search vendor "Facebook" for product "Hhvm" and version "4.60.0" | - |
Affected
| ||||||
| Facebook Search vendor "Facebook" | Hhvm Search vendor "Facebook" for product "Hhvm" | 4.61.0 Search vendor "Facebook" for product "Hhvm" and version "4.61.0" | - |
Affected
| ||||||
| Facebook Search vendor "Facebook" | Hhvm Search vendor "Facebook" for product "Hhvm" | 4.62.0 Search vendor "Facebook" for product "Hhvm" and version "4.62.0" | - |
Affected
| ||||||