Insufficient boundary checks when formatting numbers in number_format allows read/write access to out-of-bounds memory, potentially leading to remote code execution. This issue affects HHVM versions before 3.30.10, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.18.2, and versions 4.19.0, 4.19.1, 4.20.0, 4.20.1, 4.20.2, 4.21.0, 4.22.0, 4.23.0.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
facebook hhvm 4.23.0 |
||
facebook hhvm 4.19.1 |
||
facebook hhvm |
||
facebook hhvm 4.20.0 |
||
facebook hhvm 4.20.1 |
||
facebook hhvm 4.20.2 |
||
facebook hhvm 4.21.0 |
||
facebook hhvm 4.22.0 |
||
facebook hhvm 4.19.0 |