Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-6337

Опубликовано: 31 дек. 2018
Источник: nvd
CVSS3: 7.5
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

folly::secureRandom will re-use a buffer between parent and child processes when fork() is called. That will result in multiple forked children producing repeat (or similar) results. This affects HHVM 3.26 prior to 3.26.3 and the folly library between v2017.12.11.00 and v2018.08.09.00.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:facebook:folly:*:*:*:*:*:*:*:*
Версия от 2017.12.11.00 (включая) до 2018.08.09.00 (включая)
cpe:2.3:a:facebook:hhvm:*:*:*:*:*:*:*:*
Версия от 3.26 (включая) до 3.26.3 (исключая)

EPSS

Процентиль: 50%
0.00273
Низкий

7.5 High

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-212
CWE-119

Связанные уязвимости

ubuntu логотип

CVE-2018-6337

CVSS3: 7.5
ubuntu
около 7 лет назад

folly::secureRandom will re-use a buffer between parent and child processes when fork() is called. That will result in multiple forked children producing repeat (or similar) results. This affects HHVM 3.26 prior to 3.26.3 and the folly library between v2017.12.11.00 and v2018.08.09.00.

debian логотип

CVE-2018-6337

CVSS3: 7.5
debian
около 7 лет назад

folly::secureRandom will re-use a buffer between parent and child proc ...

github логотип

GHSA-46jm-3g2r-j53x

CVSS3: 7.5
github
больше 3 лет назад

folly::secureRandom will re-use a buffer between parent and child processes when fork() is called. That will result in multiple forked children producing repeat (or similar) results. This affects HHVM 3.26 prior to 3.26.3 and the folly library between v2017.12.11.00 and v2018.08.09.00.

EPSS

Процентиль: 50%
0.00273
Низкий

7.5 High

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-212
CWE-119