HHVM exposure
Web servers
Exposure score: 12
Sites using it: 41
Under exploitation: 0
Critical: 2
CVEs
31 results
CVE-2020-1916 (EPSS 1.4%): An incorrect size calculation in ldap_escape may lead to an integer overflow when overly long input is passed in, resulting in an out-of-bou
CVE-2020-1918 (EPSS 1.2%): In-memory file operations (ie: using fopen on a data URI) did not properly restrict negative seeking, allowing for the reading of memory pri
CVE-2020-1899 (EPSS 1.2%): The unserialize() function supported a type code, "S", which was meant to be supported only for APC serialization. This type code allowed ar
CVE-2020-1919 (EPSS 1.2%): Incorrect bounds calculations in substr_compare could lead to an out-of-bounds read when the second string argument passed in is longer than
CVE-2020-1921 (EPSS 1.2%): In the crypt function, we attempt to null terminate a buffer using the size of the input salt without validating that the offset is within t
CVE-2020-1898 (EPSS 1.2%): The fb_unserialize function did not impose a depth limit for nested deserialization. That meant a maliciously constructed string could cause
CVE-2020-1888 (EPSS 1.1%): Insufficient boundary checks when decoding JSON in handleBackslash reads out of bounds memory, potentially leading to DOS. This issue affect
CVE-2020-1893 (EPSS 1.1%): Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS. This issue affects HHVM
CVE-2020-1892 (EPSS 1.1%): Insufficient boundary checks when decoding JSON in JSON_parser allows read access to out of bounds memory, potentially leading to informatio
CVE-2018-6332 (MEDIUM, EPSS 1.1%): A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 settings which can cause the server to spend disproportionate
CVE-2022-36937 (CRITICAL, EPSS 0.5%): HHVM 4.172.0 and all prior versions use TLS 1.0 for secure connections when handling tls:// URLs in the stream extension. TLS1.0 has numerou