VYPR
Unrated severityNVD Advisory· Published Oct 2, 2019· Updated Aug 4, 2024

CVE-2019-11929

CVE-2019-11929

Description

Insufficient boundary checks when formatting numbers in number_format allows read/write access to out-of-bounds memory, potentially leading to remote code execution. This issue affects HHVM versions prior to 3.30.10, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.18.2, and versions 4.19.0, 4.19.1, 4.20.0, 4.20.1, 4.20.2, 4.21.0, 4.22.0, 4.23.0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Facebook/Hhvmllm-fuzzy2 versions
    <3.30.10, >=4.0.0 <=4.8.5, >=4.9.0 <=4.18.2, 4.19.0, 4.19.1, 4.20.0, 4.20.1, 4.20.2, 4.21.0, 4.22.0, 4.23.0+ 1 more
    • (no CPE)range: <3.30.10, >=4.0.0 <=4.8.5, >=4.9.0 <=4.18.2, 4.19.0, 4.19.1, 4.20.0, 4.20.1, 4.20.2, 4.21.0, 4.22.0, 4.23.0
    • (no CPE)range: 4.24.0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.