GCVE - cpe:2.3:a:facebook:hhvm:4.42.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:facebook:hhvm:4.42.0:*:*:*:*:*:*:*

part: a version: 4.42.0 update: *

Vendor	Facebook (`c319c35a-3469-5baa-b3bd-8582d1206a92`)
Product	Hhvm (`f2db6c03-3315-587d-a49f-0af5739172b6`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/facebook/hhvm`	purl2cpe	2026-06-01 10:11:42.804094

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2020-1893`	vulnerable	2026-06-03 14:41:59.022269	Details available Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (inclusive), and versions prior to 4.8.7. Published: 2020-03-03T15:00:26.000Z Updated: 2024-08-04T06:53:59.787Z Open on db.gcve.eu Reference links https://hhvm.com/blog/2020/02/20/security-update.html https://github.com/facebook/hhvm/commit/bd586671a3c22eb2f07e55f11b3ce64e1f7961e7	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-1892`	vulnerable	2026-06-03 14:41:59.021722	Details available Insufficient boundary checks when decoding JSON in JSON_parser allows read access to out of bounds memory, potentially leading to information leak and DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (inclusive), and versions prior to 4.8.7. Published: 2020-03-03T15:00:26.000Z Updated: 2024-08-04T06:53:59.519Z Open on db.gcve.eu Reference links https://hhvm.com/blog/2020/02/20/security-update.html https://github.com/facebook/hhvm/commit/dabd48caf74995e605f1700344f1ff4a5d83441d	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-1888`	vulnerable	2026-06-03 14:41:59.011404	Details available Insufficient boundary checks when decoding JSON in handleBackslash reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (inclusive), and versions prior to 4.8.7. Published: 2020-03-03T15:00:25.000Z Updated: 2024-08-04T06:53:59.615Z Open on db.gcve.eu Reference links https://github.com/facebook/hhvm/commit/b3679121bb3c7017ff04b4c08402ffff5cf59b13 https://hhvm.com/blog/2020/02/20/security-update.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.