Filtered by vendor Facebook
Subscribe
Total
121 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-1911 | 1 Facebook | 1 Hermes | 2020-09-11 | 6.8 MEDIUM | 9.8 CRITICAL |
| A type confusion vulnerability when resolving properties of JavaScript objects with specially-crafted prototype chains in Facebook Hermes prior to commit fe52854cdf6725c2eaa9e125995da76e6ceb27da allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected. | |||||
| CVE-2019-11937 | 1 Facebook | 1 Mcrouter | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| In Mcrouter prior to v0.41.0, a large struct input provided to the Carbon protocol reader could result in stack exhaustion and denial of service. | |||||
| CVE-2019-11924 | 1 Facebook | 1 Fizz | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
| A peer could send empty handshake fragments containing only padding which would be kept in memory until a full handshake was received, resulting in memory exhaustion. This issue affects versions v2019.01.28.00 and above of fizz, until v2019.08.05.00. | |||||
| CVE-2019-11923 | 1 Facebook | 1 Mcrouter | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| In Mcrouter prior to v0.41.0, the deprecated ASCII parser would allocate a buffer to a user-specified length with no maximum length enforced, allowing for resource exhaustion or denial of service. | |||||
| CVE-2020-1897 | 1 Facebook | 1 Proxygen | 2020-05-19 | 7.5 HIGH | 9.8 CRITICAL |
| A use-after-free is possible due to an error in lifetime management in the request adaptor when a malicious client invokes request error handling in a specific sequence. This issue affects versions of proxygen prior to v2020.05.18.00. | |||||
| CVE-2020-1895 | 1 Facebook | 1 Instagram | 2020-04-10 | 6.8 MEDIUM | 7.8 HIGH |
| A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. This affects versions prior to 128.0.0.26.128. | |||||
| CVE-2019-11939 | 1 Facebook | 1 Thrift | 2020-03-20 | 5.0 MEDIUM | 7.5 HIGH |
| Golang Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2020.03.16.00. | |||||
| CVE-2019-3553 | 1 Facebook | 1 Thrift | 2020-03-11 | 5.0 MEDIUM | 7.5 HIGH |
| C++ Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2020.02.03.00. | |||||
| CVE-2019-11938 | 1 Facebook | 1 Thrift | 2020-03-11 | 5.0 MEDIUM | 7.5 HIGH |
| Java Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.12.09.00. | |||||
| CVE-2016-1000109 | 1 Facebook | 1 Hhvm | 2020-03-06 | 5.0 MEDIUM | 5.3 MEDIUM |
| HHVM does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. This issue affects HHVM versions prior to 3.9.6, all versions between 3.10.0 and 3.12.4 (inclusive), and all versions between 3.13.0 and 3.14.2 (inclusive). | |||||
| CVE-2020-1893 | 1 Facebook | 1 Hhvm | 2020-03-05 | 5.0 MEDIUM | 7.5 HIGH |
| Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (inclusive), and versions prior to 4.8.7. | |||||
| CVE-2020-1892 | 1 Facebook | 1 Hhvm | 2020-03-05 | 6.4 MEDIUM | 8.1 HIGH |
| Insufficient boundary checks when decoding JSON in JSON_parser allows read access to out of bounds memory, potentially leading to information leak and DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (inclusive), and versions prior to 4.8.7. | |||||
| CVE-2020-1888 | 1 Facebook | 1 Hhvm | 2020-03-05 | 5.0 MEDIUM | 7.5 HIGH |
| Insufficient boundary checks when decoding JSON in handleBackslash reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (inclusive), and versions prior to 4.8.7. | |||||
| CVE-2016-1000005 | 1 Facebook | 1 Hhvm | 2020-03-05 | 7.5 HIGH | 9.8 CRITICAL |
| mcrypt_get_block_size did not enforce that the provided "module" parameter was a string, leading to type confusion if other types of data were passed in. This issue affects HHVM versions prior to 3.9.5, all versions between 3.10.0 and 3.12.3 (inclusive), and all versions between 3.13.0 and 3.14.1 (inclusive). | |||||
| CVE-2016-1000004 | 1 Facebook | 1 Hhvm | 2020-03-05 | 7.5 HIGH | 9.8 CRITICAL |
| Insufficient type checks were employed prior to casting input data in SimpleXMLElement_exportNode and simplexml_import_dom. This issue affects HHVM versions prior to 3.9.5, all versions between 3.10.0 and 3.12.3 (inclusive), and all versions between 3.13.0 and 3.14.1 (inclusive). | |||||
| CVE-2019-11940 | 1 Facebook | 1 Proxygen | 2019-12-17 | 7.5 HIGH | 9.8 CRITICAL |
| In the course of decompressing HPACK inside the HTTP2 protocol, an unexpected sequence of header table resize operations can place the header table into a corrupted state, leading to a use-after-free condition and undefined behavior. This issue affects Proxygen from v0.29.0 until v2017.04.03.00. | |||||
| CVE-2019-11934 | 1 Facebook | 1 Folly | 2019-12-13 | 7.5 HIGH | 9.8 CRITICAL |
| Improper handling of close_notify alerts can result in an out-of-bounds read in AsyncSSLSocket. This issue affects folly prior to v2019.11.04.00. | |||||
| CVE-2019-11935 | 1 Facebook | 1 Hhvm | 2019-12-11 | 7.5 HIGH | 9.8 CRITICAL |
| Insufficient boundary checks when processing a string in mb_ereg_replace allows access to out-of-bounds memory. This issue affects HHVM versions prior to 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.28.0, and 4.28.1. | |||||
| CVE-2019-11929 | 1 Facebook | 1 Hhvm | 2019-10-10 | 7.5 HIGH | 9.8 CRITICAL |
| Insufficient boundary checks when formatting numbers in number_format allows read/write access to out-of-bounds memory, potentially leading to remote code execution. This issue affects HHVM versions prior to 3.30.10, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.18.2, and versions 4.19.0, 4.19.1, 4.20.0, 4.20.1, 4.20.2, 4.21.0, 4.22.0, 4.23.0. | |||||
| CVE-2019-3561 | 1 Facebook | 1 Hhvm | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| Insufficient boundary checks for the strrpos and strripos functions allow access to out-of-bounds memory. This affects all supported versions of HHVM (4.0.3, 3.30.4, and 3.27.7 and below). | |||||