HHVM versions prior to 3.30.10 Memory Buffer Overflow Vulnerability
HHVM versions prior to 3.30.10 suffer from a memory buffer overflow vulnerability.
The information has been provided by the vendor.
The original article can be found at: https://hhvm.com/blog/2019/09/25/security-update.html
Insufficient boundary checks when formatting numbers in number_format allow read/write access to out-of-bounds memory, potentially leading to remote code execution.
Affected versions: HHVM versions prior to 3.30.10, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.18.2, and versions 4.19.0, 4.19.1, 4.20.0, 4.20.1, 4.20.2, 4.21.0, 4.22.0, 4.23.0.
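A version check against the affected releases listed above, as an added example that is not part of the vendor advisory. It assumes "between A and B" includes both endpoints; the function names and the sample inventory are hypothetical.

```python
import re

# Affected HHVM releases, transcribed from the advisory text above.
# Assumption: "between A and B" is read as inclusive of both endpoints.
BELOW = (3, 30, 10)                      # every version prior to 3.30.10
RANGES = [((4, 0, 0), (4, 8, 5)),
          ((4, 9, 0), (4, 18, 2))]
EXACT = {(4, 19, 0), (4, 19, 1), (4, 20, 0), (4, 20, 1),
         (4, 20, 2), (4, 21, 0), (4, 22, 0), (4, 23, 0)}

# First X.Y.Z triple that is not part of a longer dotted number.
_VERSION_RE = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)(?!\d)")


def parse_version(text):
    """Extract the first X.Y.Z triple from a version string or banner line."""
    m = _VERSION_RE.search(text)
    if m is None:
        raise ValueError(f"no X.Y.Z version found in {text!r}")
    return tuple(int(part) for part in m.groups())


def is_affected(text):
    """True if the HHVM version in `text` is listed as affected above."""
    v = parse_version(text)
    if v < BELOW:
        return True
    if any(lo <= v <= hi for lo, hi in RANGES):
        return True
    return v in EXACT


def triage(inventory):
    """Map host -> 'AFFECTED' | 'ok' | 'UNKNOWN' for a {host: version} dict."""
    result = {}
    for host, raw in inventory.items():
        try:
            result[host] = "AFFECTED" if is_affected(raw) else "ok"
        except ValueError:
            result[host] = "UNKNOWN"  # unparsable: verify by hand, never assume ok
    return result


if __name__ == "__main__":
    # Constructed inventory: host names and version strings are made up.
    sample = {"web-01": "HipHop VM 4.8.5 (rel)", "web-02": "3.30.10",
              "web-03": "4.20.2-1", "web-04": "4.24.0", "web-05": "unknown"}
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```

Releases that fall in the gaps of the list (for example 4.8.6 or 4.19.2) are reported as not affected because the advisory does not name them.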