mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-06-21 05:40:25 +00:00
CVEs for latest HHVM release
This commit is contained in:
Neal Poole
parent
3afb4a81a6
commit
2992c68bdd
@ -1,18 +1,145 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve-assign@fb.com",
|
||||
"DATE_ASSIGNED": "2020-02-20",
|
||||
"ID": "CVE-2020-1888",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "HHVM",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.45.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.45.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.44.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.44.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.43.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.43.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.42.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.42.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.41.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.41.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.40.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.40.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.39.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.39.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.38.1"
|
||||
},
|
||||
{
|
||||
"version_affected": ">=",
|
||||
"version_value": "4.33.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.32.1"
|
||||
},
|
||||
{
|
||||
"version_affected": ">=",
|
||||
"version_value": "4.9.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.8.7"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_value": "4.8.6"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "Facebook"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Insufficient boundary checks when decoding JSON in handleBackslash reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (inclusive), and versions prior to 4.8.7."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Out-of-bounds Read (CWE-125)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://github.com/facebook/hhvm/commit/b3679121bb3c7017ff04b4c08402ffff5cf59b13",
|
||||
"url": "https://github.com/facebook/hhvm/commit/b3679121bb3c7017ff04b4c08402ffff5cf59b13"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://hhvm.com/blog/2020/02/20/security-update.html",
|
||||
"url": "https://hhvm.com/blog/2020/02/20/security-update.html"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,18 +1,145 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve-assign@fb.com",
|
||||
"DATE_ASSIGNED": "2020-02-20",
|
||||
"ID": "CVE-2020-1892",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "HHVM",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.45.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.45.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.44.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.44.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.43.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.43.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.42.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.42.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.41.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.41.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.40.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.40.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.39.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.39.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.38.1"
|
||||
},
|
||||
{
|
||||
"version_affected": ">=",
|
||||
"version_value": "4.33.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.32.1"
|
||||
},
|
||||
{
|
||||
"version_affected": ">=",
|
||||
"version_value": "4.9.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.8.7"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_value": "4.8.6"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "Facebook"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Insufficient boundary checks when decoding JSON in JSON_parser allows read access to out of bounds memory, potentially leading to information leak and DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (inclusive), and versions prior to 4.8.7."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Out-of-bounds Read (CWE-125)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://github.com/facebook/hhvm/commit/dabd48caf74995e605f1700344f1ff4a5d83441d",
|
||||
"url": "https://github.com/facebook/hhvm/commit/dabd48caf74995e605f1700344f1ff4a5d83441d"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://hhvm.com/blog/2020/02/20/security-update.html",
|
||||
"url": "https://hhvm.com/blog/2020/02/20/security-update.html"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,18 +1,145 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve-assign@fb.com",
|
||||
"DATE_ASSIGNED": "2020-02-20",
|
||||
"ID": "CVE-2020-1893",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "HHVM",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.45.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.45.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.44.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.44.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.43.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.43.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.42.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.42.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.41.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.41.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.40.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.40.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.39.1"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "4.39.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.38.1"
|
||||
},
|
||||
{
|
||||
"version_affected": ">=",
|
||||
"version_value": "4.33.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.32.1"
|
||||
},
|
||||
{
|
||||
"version_affected": ">=",
|
||||
"version_value": "4.9.0"
|
||||
},
|
||||
{
|
||||
"version_affected": "!=>",
|
||||
"version_value": "4.8.7"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_value": "4.8.6"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "Facebook"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (inclusive), and versions prior to 4.8.7."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Out-of-bounds Read (CWE-125)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://github.com/facebook/hhvm/commit/bd586671a3c22eb2f07e55f11b3ce64e1f7961e7",
|
||||
"url": "https://github.com/facebook/hhvm/commit/bd586671a3c22eb2f07e55f11b3ce64e1f7961e7"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://hhvm.com/blog/2020/02/20/security-update.html",
|
||||
"url": "https://hhvm.com/blog/2020/02/20/security-update.html"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user