Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-11929

Опубликовано: 02 окт. 2019
Источник: nvd
CVSS3: 9.8
CVSS2: 7.5
EPSS Низкий

Описание

Insufficient boundary checks when formatting numbers in number_format allows read/write access to out-of-bounds memory, potentially leading to remote code execution. This issue affects HHVM versions prior to 3.30.10, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.18.2, and versions 4.19.0, 4.19.1, 4.20.0, 4.20.1, 4.20.2, 4.21.0, 4.22.0, 4.23.0.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:facebook:hhvm:*:*:*:*:*:*:*:*
Версия до 3.30.10 (исключая)
cpe:2.3:a:facebook:hhvm:*:*:*:*:*:*:*:*
Версия от 4.0.0 (включая) до 4.8.5 (включая)
cpe:2.3:a:facebook:hhvm:*:*:*:*:*:*:*:*
Версия от 4.9.0 (включая) до 4.18.2 (включая)
cpe:2.3:a:facebook:hhvm:4.19.0:*:*:*:*:*:*:*
cpe:2.3:a:facebook:hhvm:4.19.1:*:*:*:*:*:*:*
cpe:2.3:a:facebook:hhvm:4.20.0:*:*:*:*:*:*:*
cpe:2.3:a:facebook:hhvm:4.20.1:*:*:*:*:*:*:*
cpe:2.3:a:facebook:hhvm:4.20.2:*:*:*:*:*:*:*
cpe:2.3:a:facebook:hhvm:4.21.0:*:*:*:*:*:*:*
cpe:2.3:a:facebook:hhvm:4.22.0:*:*:*:*:*:*:*
cpe:2.3:a:facebook:hhvm:4.23.0:*:*:*:*:*:*:*

EPSS

Процентиль: 89%
0.04726
Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-119
CWE-119

Связанные уязвимости

ubuntu логотип

CVE-2019-11929

CVSS3: 9.8
ubuntu
больше 6 лет назад

Insufficient boundary checks when formatting numbers in number_format allows read/write access to out-of-bounds memory, potentially leading to remote code execution. This issue affects HHVM versions prior to 3.30.10, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.18.2, and versions 4.19.0, 4.19.1, 4.20.0, 4.20.1, 4.20.2, 4.21.0, 4.22.0, 4.23.0.

debian логотип

CVE-2019-11929

CVSS3: 9.8
debian
больше 6 лет назад

Insufficient boundary checks when formatting numbers in number_format ...

github логотип

GHSA-r5v6-3r34-h6vr

CVSS3: 9.8
github
больше 3 лет назад

Insufficient boundary checks when formatting numbers in number_format allows read/write access to out-of-bounds memory, potentially leading to remote code execution. This issue affects HHVM versions prior to 3.30.10, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.18.2, and versions 4.19.0, 4.19.1, 4.20.0, 4.20.1, 4.20.2, 4.21.0, 4.22.0, 4.23.0.

EPSS

Процентиль: 89%
0.04726
Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-119
CWE-119