CVE-2020-1900 in HHVMinfo

Zusammenfassung

von MITRE • 11.03.2021

When unserializing an object with dynamic properties HHVM needs to pre-reserve the full size of the dynamic property array before inserting anything into it. Otherwise the array might resize, invalidating previously stored references. This pre-reservation was not occurring in HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58.1, 4.59.0, 4.60.0, 4.61.0, 4.62.0.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

02.12.2019

Veröffentlichung

11.03.2021

Moderieren

akzeptiert

Eintrag

VDB-171139

CPE

bereit

CWE

CWE-416 (bestätigt)

CVSS

9.8 (NVD)

EPSS

0.01384

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2020-1900
NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-1900
CVE Details	https://www.cvedetails.com/cve/CVE-2020-1900/

◂ Zurück Übersicht Weiter ▸

Might our Artificial Intelligence support you?

Check our Alexa App!