← Back to CVE List

CVE-2020-1918

Published: 2021-03-10T16:15Z
Last Modified: 2024-11-21T05:11Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
In-memory file operations (ie: using fopen on a data URI) did not properly restrict negative seeking, allowing for the reading of memory prior to the in-memory buffer. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, and versions 4.94.0, 4.95.0, 4.96.0, 4.97.0, 4.98.0. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt