Product: facebook hhvm
40 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE | Affected versions | CVSS | Severity | Summary
--- | --- | --- | --- | ---
CVE-2022-36937 | < 4.153.4 | 9.8 | CRITICAL | HHVM 4.172.0 and all prior versions use TLS 1.0 for secure connections when handling tls:// URLs in the stream extension. TLS1.0 h
CVE-2019-3556 | < 4.56.2 | 8.1 | HIGH | HHVM supports the use of an "admin" server which accepts administrative requests over HTTP. One of those request handlers, dump-pc
CVE-2021-24036 | < 4.80.5 | 9.8 | CRITICAL | Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds write on the
CVE-2020-1900 | < 4.32.3 | 9.8 | CRITICAL | When unserializing an object with dynamic properties HHVM needs to pre-reserve the full size of the dynamic property array before
CVE-2020-1899 | < 4.32.3 | 7.5 | HIGH | The unserialize() function supported a type code, "S", which was meant to be supported only for APC serialization. This type code
CVE-2020-1898 | < 4.32.3 | 7.5 | HIGH | The fb_unserialize function did not impose a depth limit for nested deserialization. That meant a maliciously constructed string c
CVE-2021-24025 | < 4.56.3 | 9.8 | CRITICAL | Due to incorrect string size calculations inside the preg_quote function, a large input string passed to the function can trigger
CVE-2020-1921 | < 4.56.3 | 7.5 | HIGH | In the crypt function, we attempt to null terminate a buffer using the size of the input salt without validating that the offset i
CVE-2020-1919 | < 4.56.3 | 7.5 | HIGH | Incorrect bounds calculations in substr_compare could lead to an out-of-bounds read when the second string argument passed in is l
CVE-2020-1918 | < 4.56.3 | 7.5 | HIGH | In-memory file operations (ie: using fopen on a data URI) did not properly restrict negative seeking, allowing for the reading of
CVE-2020-1917 | < 4.56.3 | 9.8 | CRITICAL | xbuf_format_converter, used as part of exif_read_data, was appending a terminating null character to the generated string, but was
CVE-2020-1916 | < 4.56.2 | 9.8 | CRITICAL | An incorrect size calculation in ldap_escape may lead to an integer overflow when overly long input is passed in, resulting in an
CVE-2020-1893 | < 4.8.7 | 7.5 | HIGH | Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS. This issue aff
CVE-2020-1892 | < 4.8.7 | 8.1 | HIGH | Insufficient boundary checks when decoding JSON in JSON_parser allows read access to out of bounds memory, potentially leading to
CVE-2020-1888 | < 4.8.7 | 7.5 | HIGH | Insufficient boundary checks when decoding JSON in handleBackslash reads out of bounds memory, potentially leading to DOS. This is
CVE-2016-1000109 | < 3.9.6 | 5.3 | MEDIUM | HHVM does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from
CVE-2016-1000005 | < 3.9.5 | 9.8 | CRITICAL | mcrypt_get_block_size did not enforce that the provided "module" parameter was a string, leading to type confusion if other types
CVE-2016-1000004 | < 3.9.5 | 9.8 | CRITICAL | Insufficient type checks were employed prior to casting input data in SimpleXMLElement_exportNode and simplexml_import_dom. This i
CVE-2019-11936 | < 3.30.12 | 9.8 | CRITICAL | Various APC functions accept keys containing null bytes as input, leading to premature truncation of input. This issue affects HHV
CVE-2019-11935 | < 3.30.12 | 9.8 | CRITICAL | Insufficient boundary checks when processing a string in mb_ereg_replace allows access to out-of-bounds memory. This issue affects
CVE-2019-11930 | < 3.30.12 | 9.8 | CRITICAL | An invalid free in mb_detect_order can cause the application to crash or potentially result in remote code execution. This issue a
CVE-2016-1000006 | < 3.12.11 | 9.8 | CRITICAL | hhvm before 3.12.11 has a use-after-free in the serialize_memoize_param() and ResourceBundle::__construct() functions.
CVE-2019-11929 | < 3.30.10 | 9.8 | CRITICAL | Insufficient boundary checks when formatting numbers in number_format allows read/write access to out-of-bounds memory, potentiall
CVE-2019-11926 | <= 3.30.9 | 9.8 | CRITICAL | Insufficient boundary checks when processing M_SOFx markers from JPEG headers in the GD extension could allow access to out-of-bou
CVE-2019-11925 | <= 3.30.9 | 9.8 | CRITICAL | Insufficient boundary checks when processing the JPEG APP12 block marker in the GD extension could allow access to out-of-bounds m
CVE-2019-3569 | <= 3.30.5 | 7.5 | HIGH | HHVM, when used with FastCGI, would bind by default to all available interfaces. This behavior could allow a malicious individual
CVE-2019-3561 | <= 3.27.7 | 9.8 | CRITICAL | Insufficient boundary checks for the strrpos and strripos functions allow access to out-of-bounds memory. This affects all support
CVE-2019-3557 | <= 3.27.4 | 9.8 | CRITICAL | The implementations of streams for bz2 and php://output improperly implemented their readImpl functions, returning -1 consistently
CVE-2018-6345 | <= 3.27.5 | 9.8 | CRITICAL | The function number_format is vulnerable to a heap overflow issue when its second argument ($dec_points) is excessively large. The
CVE-2018-6340 | <= 3.27.4 | 8.1 | HIGH | The Memcache::getextendedstats function can be used to trigger an out-of-bounds read. Exploiting this issue requires control over
CVE-2018-6337 | >= 3.26 and < 3.26.3 | 7.5 | HIGH | folly::secureRandom will re-use a buffer between parent and child processes when fork() is called. That will result in multiple fo
CVE-2018-6335 | <= 3.21.10 | 7.5 | HIGH | A Malformed h2 frame can cause 'std::out_of_range' exception when parsing priority meta data. This behavior can lead to denial-of-
CVE-2018-6334 | <= 3.21.9 | 9.8 | CRITICAL | Multipart-file uploads call variables to be improperly registered in the global scope. In cases where variables are not declared e
CVE-2018-6332 | <= 3.21.7 | 5.9 | MEDIUM | A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 settings which can cause the server to spend disprop
CVE-2016-6875 | <= 3.14.5 | 9.8 | CRITICAL | Infinite recursion in wddx in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors.
CVE-2016-6874 | <= 3.14.5 | 9.8 | CRITICAL | The array_*_recursive functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors, re
CVE-2016-6873 | <= 3.14.5 | 9.8 | CRITICAL | Self recursion in compact in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors.
CVE-2016-6872 | <= 3.14.5 | 9.8 | CRITICAL | Integer overflow in StringUtil::implode in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vec
CVE-2016-6871 | <= 3.14.5 | 9.8 | CRITICAL | Integer overflow in bcmath in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors, which t
CVE-2016-6870 | <= 3.14.5 | 9.8 | CRITICAL | Out-of-bounds write in the (1) mb_detect_encoding, (2) mb_send_mail, and (3) mb_detect_order functions in Facebook HHVM before 3.1
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin