Unrated severityNVD Advisory· Published Mar 10, 2021· Updated Aug 4, 2024
CVE-2020-1921
CVE-2020-1921
Description
In the crypt function, we attempt to null terminate a buffer using the size of the input salt without validating that the offset is within the buffer. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, and versions 4.94.0, 4.95.0, 4.96.0, 4.97.0, 4.98.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- github.com/facebook/hhvm/commit/08193b7f0cd3910256e00d599f0f3eb2519c44camitrex_refsource_MISC
- hhvm.com/blog/2021/02/25/security-update.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.