{ "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11935", "DATE_ASSIGNED": "2019-10-28", "ASSIGNER": "cve-assign@fb.com", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "HHVM", "version": { "version_data": [ { "version_affected": "!=>", "version_value": "4.28.2" }, { "version_affected": ">=", "version_value": "4.28.0" }, { "version_affected": "!=>", "version_value": "4.27.1" }, { "version_affected": ">=", "version_value": "4.27.0" }, { "version_affected": "!=>", "version_value": "4.26.1" }, { "version_affected": ">=", "version_value": "4.26.0" }, { "version_affected": "!=>", "version_value": "4.25.1" }, { "version_affected": ">=", "version_value": "4.25.0" }, { "version_affected": "!=>", "version_value": "4.24.1" }, { "version_affected": ">=", "version_value": "4.24.0" }, { "version_affected": "!=>", "version_value": "4.23.2" }, { "version_affected": ">=", "version_value": "4.9.0" }, { "version_affected": "!=>", "version_value": "4.8.6" }, { "version_affected": ">=", "version_value": "4.0.0" }, { "version_affected": "!=>", "version_value": "3.30.12" }, { "version_affected": "<", "version_value": "3.30.12" } ] } } ] }, "vendor_name": "Facebook" } ] } }, "description": { "description_data": [ { "lang": "eng", "value": "Insufficient boundary checks when processing a string in mb_ereg_replace allows access to out-of-bounds memory. This issue affects HHVM versions prior to 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.28.0, and 4.28.1." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-125: Out-of-bounds Read" } ] } ] }, "references": { "reference_data": [ { "refsource": "CONFIRM", "name": "https://hhvm.com/blog/2019/10/28/security-update.html", "url": "https://hhvm.com/blog/2019/10/28/security-update.html" }, { "refsource": "CONFIRM", "name": "https://github.com/facebook/hhvm/commit/1c518555dba6ceb45d5ba61845b96e261219c3b7", "url": "https://github.com/facebook/hhvm/commit/1c518555dba6ceb45d5ba61845b96e261219c3b7" }, { "refsource": "CONFIRM", "name": "https://www.facebook.com/security/advisories/cve-2019-11935", "url": "https://www.facebook.com/security/advisories/cve-2019-11935" } ] } }