Vulnerabilities (CVE)

Filtered by vendor Facebook Subscribe
Filtered by product Hhvm
Total 40 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-11930 1 Facebook 1 Hhvm 2024-11-21 7.5 HIGH 9.8 CRITICAL
An invalid free in mb_detect_order can cause the application to crash or potentially result in remote code execution. This issue affects HHVM versions prior to 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.28.0, and 4.28.1.
CVE-2019-11929 1 Facebook 1 Hhvm 2024-11-21 7.5 HIGH 9.8 CRITICAL
Insufficient boundary checks when formatting numbers in number_format allows read/write access to out-of-bounds memory, potentially leading to remote code execution. This issue affects HHVM versions prior to 3.30.10, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.18.2, and versions 4.19.0, 4.19.1, 4.20.0, 4.20.1, 4.20.2, 4.21.0, 4.22.0, 4.23.0.
CVE-2019-11926 1 Facebook 1 Hhvm 2024-11-21 7.5 HIGH 9.8 CRITICAL
Insufficient boundary checks when processing M_SOFx markers from JPEG headers in the GD extension could allow access to out-of-bounds memory via a maliciously constructed invalid JPEG input. This issue affects HHVM versions prior to 3.30.9, all versions between 4.0.0 and 4.8.3, all versions between 4.9.0 and 4.15.2, and versions 4.16.0 to 4.16.3, 4.17.0 to 4.17.2, 4.18.0 to 4.18.1, 4.19.0, 4.20.0 to 4.20.1.
CVE-2019-11925 1 Facebook 1 Hhvm 2024-11-21 7.5 HIGH 9.8 CRITICAL
Insufficient boundary checks when processing the JPEG APP12 block marker in the GD extension could allow access to out-of-bounds memory via a maliciously constructed invalid JPEG input. This issue affects HHVM versions prior to 3.30.9, all versions between 4.0.0 and 4.8.3, all versions between 4.9.0 and 4.15.2, and versions 4.16.0 to 4.16.3, 4.17.0 to 4.17.2, 4.18.0 to 4.18.1, 4.19.0, 4.20.0 to 4.20.1.
CVE-2018-6345 1 Facebook 1 Hhvm 2024-11-21 7.5 HIGH 9.8 CRITICAL
The function number_format is vulnerable to a heap overflow issue when its second argument ($dec_points) is excessively large. The internal implementation of the function will cause a string to be created with an invalid length, which can then interact poorly with other functions. This affects all supported versions of HHVM (3.30.1 and 3.27.5 and below).
CVE-2018-6340 1 Facebook 1 Hhvm 2024-11-21 6.8 MEDIUM 8.1 HIGH
The Memcache::getextendedstats function can be used to trigger an out-of-bounds read. Exploiting this issue requires control over memcached server hostnames and/or ports. This affects all supported versions of HHVM (3.30 and 3.27.4 and below).
CVE-2018-6337 1 Facebook 2 Folly, Hhvm 2024-11-21 5.0 MEDIUM 7.5 HIGH
folly::secureRandom will re-use a buffer between parent and child processes when fork() is called. That will result in multiple forked children producing repeat (or similar) results. This affects HHVM 3.26 prior to 3.26.3 and the folly library between v2017.12.11.00 and v2018.08.09.00.
CVE-2018-6335 1 Facebook 1 Hhvm 2024-11-21 5.0 MEDIUM 7.5 HIGH
A Malformed h2 frame can cause 'std::out_of_range' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM (3.25.2, 3.24.6, and 3.21.10 and below) when using the proxygen server to handle HTTP2 requests.
CVE-2018-6334 1 Facebook 1 Hhvm 2024-11-21 7.5 HIGH 9.8 CRITICAL
Multipart-file uploads call variables to be improperly registered in the global scope. In cases where variables are not declared explicitly before being used this can lead to unexpected behavior. This affects all supported versions of HHVM prior to the patch (3.25.1, 3.24.5, and 3.21.9 and below).
CVE-2018-6332 1 Facebook 1 Hhvm 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 settings which can cause the server to spend disproportionate resources. This affects all supported versions of HHVM (3.24.3 and 3.21.7 and below) when using the proxygen server to handle HTTP2 requests.
CVE-2016-6875 1 Facebook 1 Hhvm 2024-11-21 7.5 HIGH 9.8 CRITICAL
Infinite recursion in wddx in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors.
CVE-2016-6874 1 Facebook 1 Hhvm 2024-11-21 7.5 HIGH 9.8 CRITICAL
The array_*_recursive functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors, related to recursion.
CVE-2016-6873 1 Facebook 1 Hhvm 2024-11-21 7.5 HIGH 9.8 CRITICAL
Self recursion in compact in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors.
CVE-2016-6872 1 Facebook 1 Hhvm 2024-11-21 7.5 HIGH 9.8 CRITICAL
Integer overflow in StringUtil::implode in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors.
CVE-2016-6871 1 Facebook 1 Hhvm 2024-11-21 7.5 HIGH 9.8 CRITICAL
Integer overflow in bcmath in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors, which triggers a buffer overflow.
CVE-2016-6870 1 Facebook 1 Hhvm 2024-11-21 7.5 HIGH 9.8 CRITICAL
Out-of-bounds write in the (1) mb_detect_encoding, (2) mb_send_mail, and (3) mb_detect_order functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors.
CVE-2016-1000109 1 Facebook 1 Hhvm 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
HHVM does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. This issue affects HHVM versions prior to 3.9.6, all versions between 3.10.0 and 3.12.4 (inclusive), and all versions between 3.13.0 and 3.14.2 (inclusive).
CVE-2016-1000006 1 Facebook 1 Hhvm 2024-11-21 7.5 HIGH 9.8 CRITICAL
hhvm before 3.12.11 has a use-after-free in the serialize_memoize_param() and ResourceBundle::__construct() functions.
CVE-2016-1000005 1 Facebook 1 Hhvm 2024-11-21 7.5 HIGH 9.8 CRITICAL
mcrypt_get_block_size did not enforce that the provided "module" parameter was a string, leading to type confusion if other types of data were passed in. This issue affects HHVM versions prior to 3.9.5, all versions between 3.10.0 and 3.12.3 (inclusive), and all versions between 3.13.0 and 3.14.1 (inclusive).
CVE-2016-1000004 1 Facebook 1 Hhvm 2024-11-21 7.5 HIGH 9.8 CRITICAL
Insufficient type checks were employed prior to casting input data in SimpleXMLElement_exportNode and simplexml_import_dom. This issue affects HHVM versions prior to 3.9.5, all versions between 3.10.0 and 3.12.3 (inclusive), and all versions between 3.13.0 and 3.14.1 (inclusive).