CVE-2020-1893
published 2020-03-03CVE-2020-1893: Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0…
PriorityP338high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
1.15%
62.8th percentile
Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (inclusive), and versions prior to 4.8.7.
Affected
23 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hhvm | < 4.8.7 | 4.8.7 | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | — | — | |
| hhvm | >= 4.33.0 < unspecified | unspecified | |
| hhvm | 4.33.0 – 4.38.0 | — | |
| hhvm | >= 4.9.0 < unspecified | unspecified | |
| hhvm | 4.9.0 – 4.32.0 | — | |
| hhvm | unspecified – 4.8.6 | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-m8q8-334f-8qxg: Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS
ghsa_unreviewed·2022-05-24
CVE-2020-1893 [MEDIUM] GHSA-m8q8-334f-8qxg: Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS
Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (inclusive), and versions prior to 4.8.7.
OSV
CVE-2020-1893: Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS
osv·2020-03-03·CVSS 7.5
CVE-2020-1893 [HIGH] CVE-2020-1893: Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS
Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (inclusive), and versions prior to 4.8.7.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2020-03-03
Published