Description
An incorrect size calculation in ldap_escape may lead to an integer overflow when overly long input is passed in, resulting in an out-of-bounds write. This issue affects HHVM prior to 4.56.2, all versions between 4.57.0 and 4.78.0, and versions 4.79.0, 4.80.0, 4.81.0, 4.82.0 and 4.83.0.
References (2)
Release Notes, Vendor Advisory
https://hhvm.com/blog/2020/11/12/security-update.html
Patch, Third Party Advisory
https://github.com/facebook/hhvm/commit/abe0b29e4d3a610f9bc920b8be4ad8403364c2d4
Scores
CVSS v3
9.8
EPSS
0.0081
EPSS Percentile
74.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-122
CWE-787
Status
published
Products (6)
facebook/hhvm 4.79.0
facebook/hhvm 4.80.0
facebook/hhvm 4.81.0
facebook/hhvm 4.82.0
facebook/hhvm 4.83.0
facebook/hhvm < 4.56.2
Published
Mar 10, 2021
Tracked Since
Feb 18, 2026