Memory Access Vulnerability in HHVM by Facebook
CVE-2019-11935
9.8CRITICAL
What is CVE-2019-11935?
This vulnerability occurs due to inadequate boundary checks in the mb_ereg_replace function of HHVM, potentially allowing for out-of-bounds memory access. Attackers may exploit this weakness to manipulate memory in ways that could lead to application instability or app behaviors that compromise security. It's crucial for users to update to the secure versions to mitigate this risk.
Affected Version(s)
HHVM 4.28.2
HHVM 4.28.0
HHVM 4.27.1