CVE-2020-1900
Published 2021-03-11
Priority: P346 · critical · 9.8 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.38% (68.8th percentile)
When unserializing an object with dynamic properties, HHVM needs to pre-reserve the full size of the dynamic property array before inserting anything into it. Otherwise the array might resize, invalidating previously stored references. This pre-reservation was not occurring in HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, and in 4.57.0, 4.58.0, 4.58.1, 4.59.0, 4.60.0, 4.61.0 and 4.62.0.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| | hhvm | < 4.32.3 | 4.32.3 |
| | hhvm | — | — |
| | hhvm | — | — |
| | hhvm | — | — |
| | hhvm | — | — |
| | hhvm | — | — |
| | hhvm | — | — |
| | hhvm | — | — |
| | hhvm | >= 4.33.0 < unspecified | unspecified |
| | hhvm | >= 4.33.0 < 4.56.1 | 4.56.1 |
| | hhvm | >= 4.58.0 < unspecified | unspecified |
| | hhvm | >= unspecified < 4.32.3 | 4.32.3 |
CVSS provenance
nvd · v3.1 · 9.8 CRITICAL · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd · v2.0 · 7.5 HIGH · AV:N/AC:L/Au:N/C:P/I:P/A:P
osv · 9.8 CRITICAL
GHSA
GHSA-g7r3-m2h7-28vw · ghsa_unreviewed · 2022-05-24
CVE-2020-1900 [CRITICAL] CWE-416
OSV
CVE-2020-1900 [CRITICAL] · osv · 2021-03-11 · CVSS 9.8
No detection rules found.
No writeups or analysis indexed.
Published: 2021-03-11