Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
folly::secureRandom will re-use a buffer between parent and child processes when fork() is called. That will result in multiple forked children producing repeat (or similar) results. This affects HHVM 3.26 prior to 3.26.3 and the folly library between v2017.12.11.00 and v2018.08.09.00.
CVSS Information
N/A
Vulnerability Type
敏感数据的不恰当跨边界移除
Vulnerability Title
Facebook HHVM和folly library 安全漏洞
Vulnerability Description
Facebook HHVM和folly library都是美国Facebook公司的产品。Facebook HHVM(又名HipHop Virtual Machine)是一款能够显著提高PHP加载动态页面性能的虚拟机。folly library是一个开源C++库。 Facebook HHVM 3.26.3之前的3.26版本和folly library 2017.12.11.00版本至2018.08.09.00版本中存在安全漏洞。攻击者可利用该漏洞造成多个分叉的子进程生成多个重复或类似的结果。
CVSS Information
N/A
Vulnerability Type
N/A