Insufficient boundary checks when processing a string in mb_ereg_replace allows access to out-of-bounds memory. This issue affects HHVM versions before 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.28.0, and 4.28.1.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
facebook hhvm |
||
facebook hhvm 4.24.0 |
||
facebook hhvm 4.25.0 |
||
facebook hhvm 4.26.0 |
||
facebook hhvm 4.27.0 |
||
facebook hhvm 4.28.0 |
||
facebook hhvm 4.28.1 |