CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-2208

CRLF injection vulnerability in the LightProcess protocol implementation in hphp/util/light-process.cpp in Facebook HipHop Virtual Machine (HHVM) before 2.4.2 allows remote attackers to execute arbitrary commands by entering a \n (newline) character before the end of a string.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 71.0%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2014-2208

Facebook » Hiphop Virtual Machine » Version: 2.2.0

cpe:2.3:a:facebook:hiphop_virtual_machine:2.2.0
Facebook » Hiphop Virtual Machine » Version: 2.3.0

cpe:2.3:a:facebook:hiphop_virtual_machine:2.3.0
Facebook » Hiphop Virtual Machine » Version: 2.3.1

cpe:2.3:a:facebook:hiphop_virtual_machine:2.3.1
Facebook » Hiphop Virtual Machine » Version: 2.3.2

cpe:2.3:a:facebook:hiphop_virtual_machine:2.3.2
Facebook » Hiphop Virtual Machine » Version: 2.3.3

cpe:2.3:a:facebook:hiphop_virtual_machine:2.3.3
Facebook » Hiphop Virtual Machine » Version: 2.4.0

cpe:2.3:a:facebook:hiphop_virtual_machine:2.4.0
Facebook » Hiphop Virtual Machine » Version: 2.4.1

cpe:2.3:a:facebook:hiphop_virtual_machine:2.4.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-2208

Products

Pricing

Contact Us