CVE-2019-3556
CVE-2019-3556 is a high-severity vulnerability rated 8.1/10 on the CVSS scale. HHVM supports the use of an "admin" server which accepts administrative requests over HTTP. One of those request handlers, dump-pcre-cache, can be used to output cached regular expressions from the current execution context into a file. EPSS estimates a 1.73% chance of exploitation in the next 30 days.
Description
HHVM supports the use of an "admin" server which accepts administrative requests over HTTP. One of those request handlers, dump-pcre-cache, can be used to output cached regular expressions from the current execution context into a file. The handler takes a parameter which specifies where on the filesystem to write this data. The parameter is not validated, allowing a malicious user to overwrite arbitrary files where the user running HHVM has write access. This issue affects HHVM versions prior to 4.56.2, all versions between 4.57.0 and 4.78.0, as well as 4.79.0, 4.80.0, 4.81.0, 4.82.0, and 4.83.0.
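The root cause described above is a filesystem path taken straight from the request and used as the output location. The following is an added illustration, not HHVM's code: a toy stand-in for the flawed handler beside a hardened version that confines writes to a hypothetical allow-listed dump directory and refuses to overwrite existing files. The cache contents, the directory name `pcre-dumps`, and all function names are constructed for the example.

```python
import os
import tempfile

# Constructed stand-in for the cached regexes; the real cache content is
# irrelevant to the path-handling bug.
CACHED_PATTERNS = ["/^foo(bar)?$/i", "/\\d{4}-\\d{2}-\\d{2}/"]

def make_dump_dir() -> str:
    """Create a scratch allow-listed directory for the demonstration."""
    dump_dir = os.path.join(tempfile.mkdtemp(), "pcre-dumps")
    os.mkdir(dump_dir)
    return dump_dir

def dump_unvalidated(file_param: str) -> str:
    """The flawed pattern: the request parameter is used as the output path
    unchanged, so the write lands wherever the HHVM user can write."""
    with open(file_param, "w") as fh:
        fh.write("\n".join(CACHED_PATTERNS))
    return os.path.realpath(file_param)

def resolve_dump_path(file_param: str, dump_dir: str) -> str:
    """Confine a caller-supplied name to dump_dir (hypothetical allow-listed
    directory): no absolute paths, no '..' escapes, no symlink detours,
    no subdirectories."""
    if not file_param or os.path.isabs(file_param):
        raise ValueError("a bare file name inside the dump directory is required")
    base = os.path.realpath(dump_dir)
    # realpath() follows symlinks and collapses '..' before containment is checked
    target = os.path.realpath(os.path.join(base, file_param))
    if os.path.dirname(target) != base:
        raise ValueError("path escapes the dump directory")
    return target

def dump_validated(file_param: str, dump_dir: str) -> str:
    """Hardened handler: validated path plus O_EXCL, so an existing file is
    never overwritten even inside the dump directory."""
    target = resolve_dump_path(file_param, dump_dir)
    fd = os.open(target, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write("\n".join(CACHED_PATTERNS))
    return target

def rejected(file_param: str, dump_dir: str) -> bool:
    """True if the hardened handler refuses to write for this parameter."""
    try:
        dump_validated(file_param, dump_dir)
        return False
    except (ValueError, FileExistsError):
        return True
```

Beyond the path check, the fix the vendor shipped is the upgrade listed under Affected Software; restricting who can reach the admin server at all (network ACLs, authentication) limits the exposure of every handler, not just this one.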
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Facebook | HHVM | < 4.56.2 |
| Facebook | HHVM | >= 4.57.0, <= 4.78.0 |
| Facebook | HHVM | 4.79.0 |
| Facebook | HHVM | 4.80.0 |
| Facebook | HHVM | 4.81.0 |
| Facebook | HHVM | 4.82.0 |
| Facebook | HHVM | 4.83.0 |
References
- https://github.com/facebook/hhvm/commit/abe0b29e4d3a610f9bc920b8be4ad8403364c2d4 (Patch, Third Party Advisory)
- https://hhvm.com/blog/2020/11/12/security-update.html (Vendor Advisory)
Source: NVD / NIST
