Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
CRLF injection vulnerability in the LightProcess protocol implementation in hphp/util/light-process.cpp in Facebook HipHop Virtual Machine (HHVM) before 2.4.2 allows remote attackers to execute arbitrary commands by entering a \n (newline) character before the end of a string.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Facebook HipHop Virtual Machine 代码注入漏洞
Vulnerability Description
Facebook HipHop Virtual Machine(HHVM)是美国Facebook公司的一款能够显著提高PHP加载动态页面性能的虚拟机。 Facebook HHVM 2.4.1及之前版本的hphp/util/light-process.cpp脚本中的LightProcess协议实现中存在CRLF注入漏洞。远程攻击者可通过在字符串末尾添加‘\n’字符利用该漏洞执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A