← back
CVE-2020-1893

CVE-2020-1893

EPSS 1.1%CWE-125
Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (inclusive), and versions prior to 4.8.7.
Affected products
Facebook · HHVM

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/facebook/hhvm/commit/bd586671a3c22eb2f07e55f11b3ce64e1f7961e7https://hhvm.com/blog/2020/02/20/security-update.html