Unrated severityNVD Advisory· Published Dec 28, 2014· Updated Jun 17, 2026
CVE-2014-5386
CVE-2014-5386
Description
The mcrypt_create_iv function in hphp/runtime/ext/mcrypt/ext_mcrypt.cpp in Facebook HipHop Virtual Machine (HHVM) before 3.3.0 does not seed the random number generator, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging the use of a single initialization vector.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:facebook:hiphop_virtual_machine:*:*:*:*:*:*:*:*Range: <=3.2.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.