CVE-2020-1900

Source
https://cve.org/CVERecord?id=CVE-2020-1900
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-1900.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-1900
Published
2021-03-11T01:15:14.490Z
Modified
2026-04-11T09:46:18.676799Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
[none]
Details

When unserializing an object with dynamic properties, HHVM needs to pre-reserve the full size of the dynamic property array before inserting anything into it. Otherwise, the array might resize, invalidating previously stored references. This pre-reservation was not occurring in HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, and in versions 4.57.0, 4.58.0, 4.58.1, 4.59.0, 4.60.0, 4.61.0, and 4.62.0.

Affected packages

Git / github.com/facebook/hhvm

Affected ranges

Type
GIT
Repo
https://github.com/facebook/hhvm
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Introduced
Fixed
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Fixed
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "4.32.3"
        },
        {
            "introduced": "4.33.0"
        },
        {
            "fixed": "4.56.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.57.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.58.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.58.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.59.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.60.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.61.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.62.0"
        }
    ]
}

Affected versions

HHVM-4.*
HHVM-4.32.0
HHVM-4.32.1
HHVM-4.32.2
HHVM-4.56.0
HHVM-4.57.0
HHVM-4.58.0
HHVM-4.58.1
HHVM-4.59.0
HHVM-4.60.0
HHVM-4.61.0
HHVM-4.62.0
HPHP-2.*
HPHP-2.1.0
gcc-4.*
gcc-4.6
nightly-2019.*
nightly-2020.*
Other
pre-hhvm
src-hphp

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-1900.json"
vanir_signatures
[
    {
        "source": "https://github.com/facebook/hhvm/commit/c1c4bb0cf9e076aafaf4ff3515556ef9faf906f3",
        "digest": {
            "line_hashes": [
                "15087195484119549554939185744270694969",
                "247740747057664256062925961828700856466",
                "5649611835980604045452791483973726846"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2020-1900-12916571",
        "deprecated": false,
        "target": {
            "file": "hphp/runtime/base/variable-unserializer.cpp"
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "source": "https://github.com/facebook/hhvm/commit/c1c4bb0cf9e076aafaf4ff3515556ef9faf906f3",
        "digest": {
            "length": 931.0,
            "function_hash": "150732268746904783890200202889608657611"
        },
        "id": "CVE-2020-1900-5aecfeb3",
        "deprecated": false,
        "target": {
            "function": "VariableUnserializer::unserializeProp",
            "file": "hphp/runtime/base/variable-unserializer.cpp"
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "source": "https://github.com/facebook/hhvm/commit/c1c4bb0cf9e076aafaf4ff3515556ef9faf906f3",
        "digest": {
            "line_hashes": [
                "319370469949607528258900883936558130478",
                "19056843371057609482005153843118411412",
                "224510060117883053613959646770243998371"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2020-1900-5bb7a3f3",
        "deprecated": false,
        "target": {
            "file": "hphp/runtime/base/object-data.cpp"
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "source": "https://github.com/facebook/hhvm/commit/55dc2e1650c1e79e67b7f0ef20e51cd2d504a4bb",
        "digest": {
            "line_hashes": [
                "331473762518125757472384839031571060902",
                "4158620335537989919269120992316136210",
                "37536044244405383633242229082848527784",
                "140335216194151808759673220052749435881"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2020-1900-b7606651",
        "deprecated": false,
        "target": {
            "file": "hphp/runtime/version.h"
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "source": "https://github.com/facebook/hhvm/commit/c1c4bb0cf9e076aafaf4ff3515556ef9faf906f3",
        "digest": {
            "length": 202.0,
            "function_hash": "301093375172016626895894563153915036256"
        },
        "id": "CVE-2020-1900-ba56ca6b",
        "deprecated": false,
        "target": {
            "function": "ObjectData::reserveProperties",
            "file": "hphp/runtime/base/object-data.cpp"
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "source": "https://github.com/facebook/hhvm/commit/d6af4b525b31c96526b2508642d58dbf5c7d496c",
        "digest": {
            "line_hashes": [
                "286093828909174357221555418457755310879",
                "96311019219661911020751373701839576672",
                "281574740350394436842520560909858709910",
                "140335216194151808759673220052749435881"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2020-1900-e22db0a3",
        "deprecated": false,
        "target": {
            "file": "hphp/runtime/version.h"
        },
        "signature_type": "Line",
        "signature_version": "v1"
    }
]
vanir_signatures_modified
"2026-04-11T09:46:18Z"