Security Advisory

CVE-2019-11929

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-10-02 19:07:18

Last updated 2024-08-04 23:10:29

Assigner facebook

State PUBLISHED

Description

Insufficient boundary checks when formatting numbers in number_format allows read/write access to out-of-bounds memory, potentially leading to remote code execution. This issue affects HHVM versions prior to 3.30.10, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.18.2, and versions 4.19.0, 4.19.1, 4.20.0, 4.20.1, 4.20.2, 4.21.0, 4.22.0, 4.23.0.

← Browse all CVEs View on cve.org ↗