Skip to main content

Hhvm CVE-2018-6334

CRITICAL
Variable Extraction Error (CWE-621)
2018-12-31 cve-assign@fb.com
9.8
CVSS 3.1 · Vendor: fb
Share

Severity by source

Vendor (fb) PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from Vendor (fb) · only source for this CVE.

CVSS VectorVendor: fb

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Dec 31, 2018 - 19:29 cve.org
CRITICAL 9.8

DescriptionCVE.org

Multipart-file uploads call variables to be improperly registered in the global scope. In cases where variables are not declared explicitly before being used this can lead to unexpected behavior. This affects all supported versions of HHVM prior to the patch (3.25.1, 3.24.5, and 3.21.9 and below).

AnalysisAI

Multipart-file uploads call variables to be improperly registered in the global scope. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-621. Multipart-file uploads call variables to be improperly registered in the global scope. In cases where variables are not declared explicitly before being used this can lead to unexpected behavior. This affects all supported versions of HHVM prior to the patch (3.25.1, 3.24.5, and 3.21.9 and below). Affected products include: Facebook Hhvm.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More in Hhvm

View all
CVE-2016-6870 CRITICAL
9.8 Feb 17

Out-of-bounds write in the (1) mb_detect_encoding, (2) mb_send_mail, and (3) mb_detect_order functions in Facebook HHVM

CVE-2016-6875 CRITICAL
9.8 Feb 17

Infinite recursion in wddx in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vector

CVE-2016-6874 CRITICAL
9.8 Feb 17

The array_*_recursive functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown v

CVE-2016-6873 CRITICAL
9.8 Feb 17

Self recursion in compact in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors

CVE-2016-6872 CRITICAL
9.8 Feb 17

Integer overflow in StringUtil::implode in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via u

CVE-2016-6871 CRITICAL
9.8 Feb 17

Integer overflow in bcmath in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vector

CVE-2021-24036 CRITICAL
9.8 Jul 23

Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds wri

CVE-2021-24025 CRITICAL
9.8 Mar 10

Due to incorrect string size calculations inside the preg_quote function, a large input string passed to the function ca

CVE-2019-11936 CRITICAL
9.8 Dec 04

Various APC functions accept keys containing null bytes as input, leading to premature truncation of input.30.12, all ve

CVE-2019-11935 CRITICAL
9.8 Dec 04

Insufficient boundary checks when processing a string in mb_ereg_replace allows access to out-of-bounds memory.30.12, al

CVE-2019-11930 CRITICAL
9.8 Dec 04

An invalid free in mb_detect_order can cause the application to crash or potentially result in remote code execution.30.

CVE-2019-11929 CRITICAL
9.8 Oct 02

Insufficient boundary checks when formatting numbers in number_format allows read/write access to out-of-bounds memory,

Share

CVE-2018-6334 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy