CVE-2020-1892
published 2020-03-03CVE-2020-1892: Insufficient boundary checks when decoding JSON in JSON_parser allows read access to out of bounds memory, potentially leading to information leak and DOS…
PriorityP338high8.1CVSS 3.1
AVNACLPRNUIRSUCHINAH
EPSS
1.09%
61.4th percentile
Insufficient boundary checks when decoding JSON in JSON_parser allows read access to out of bounds memory, potentially leading to information leak and DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (inclusive), and versions prior to 4.8.7.
Affected
23 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hhvm | < 4.8.7 | 4.8.7 | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | >= 4.33.0 < unspecified | unspecified | |
| hhvm | 4.33.0 – 4.38.0 | — | |
| hhvm | >= 4.9.0 < unspecified | unspecified | |
| hhvm | 4.9.0 – 4.32.0 | — | |
| hhvm | unspecified – 4.8.6 | — |
CVSS provenance
nvdv3.18.1HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
nvdv2.06.4MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:P
osv8.1HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-r2qf-75cq-8rxc: Insufficient boundary checks when decoding JSON in JSON_parser allows read access to out of bounds memory, potentially leading to information leak and
ghsa_unreviewed·2022-05-24
CVE-2020-1892 [MEDIUM] GHSA-r2qf-75cq-8rxc: Insufficient boundary checks when decoding JSON in JSON_parser allows read access to out of bounds memory, potentially leading to information leak and
Insufficient boundary checks when decoding JSON in JSON_parser allows read access to out of bounds memory, potentially leading to information leak and DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (inclusive), and versions prior to 4.8.7.
OSV
CVE-2020-1892: Insufficient boundary checks when decoding JSON in JSON_parser allows read access to out of bounds memory, potentially leading to information leak and
osv·2020-03-03·CVSS 8.1
CVE-2020-1892 [HIGH] CVE-2020-1892: Insufficient boundary checks when decoding JSON in JSON_parser allows read access to out of bounds memory, potentially leading to information leak and
Insufficient boundary checks when decoding JSON in JSON_parser allows read access to out of bounds memory, potentially leading to information leak and DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (inclusive), and versions prior to 4.8.7.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2020-03-03
Published