{
  "affected": [
    {
      "ranges": [
        {
          "database_specific": {
            "versions": [
              {
                "introduced": "0"
              },
              {
                "fixed": "4.32.3"
              },
              {
                "introduced": "4.33.0"
              },
              {
                "fixed": "4.56.1"
              },
              {
                "introduced": "0"
              },
              {
                "last_affected": "4.57.0"
              },
              {
                "introduced": "0"
              },
              {
                "last_affected": "4.58.0"
              },
              {
                "introduced": "0"
              },
              {
                "last_affected": "4.58.1"
              },
              {
                "introduced": "0"
              },
              {
                "last_affected": "4.59.0"
              },
              {
                "introduced": "0"
              },
              {
                "last_affected": "4.60.0"
              },
              {
                "introduced": "0"
              },
              {
                "last_affected": "4.61.0"
              },
              {
                "introduced": "0"
              },
              {
                "last_affected": "4.62.0"
              }
            ]
          },
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "d6af4b525b31c96526b2508642d58dbf5c7d496c"
            },
            {
              "introduced": "8df1dd7ead93f50388145dd8d7734a69204b50a7"
            },
            {
              "fixed": "55dc2e1650c1e79e67b7f0ef20e51cd2d504a4bb"
            },
            {
              "introduced": "0"
            },
            {
              "last_affected": "ce87598e3c65a922a6e25c7119e2446f1fa6a4b6"
            },
            {
              "introduced": "0"
            },
            {
              "last_affected": "e5d9f54178cc971e4343610744bd91092480a508"
            },
            {
              "introduced": "0"
            },
            {
              "last_affected": "175104241963f6ad874ba3a87c44c0c3267e40cb"
            },
            {
              "introduced": "0"
            },
            {
              "last_affected": "cfa9d4ef854b3a0e58bec1f1b44aac9a509d061b"
            },
            {
              "introduced": "0"
            },
            {
              "last_affected": "9886a016c187bdee00d3a865312f58adf57ccec4"
            },
            {
              "introduced": "0"
            },
            {
              "last_affected": "a8569adad0db669eceb81590f3b225bdd50e5ae3"
            },
            {
              "introduced": "0"
            },
            {
              "last_affected": "2fe7d70e6da93772c770dee950542cac80b5bc2f"
            },
            {
              "fixed": "c1c4bb0cf9e076aafaf4ff3515556ef9faf906f3"
            }
          ],
          "repo": "https://github.com/facebook/hhvm",
          "type": "GIT"
        }
      ]
    }
  ],
  "details": "When unserializing an object with dynamic properties HHVM needs to pre-reserve the full size of the dynamic property array before inserting anything into it. Otherwise the array might resize, invalidating previously stored references. This pre-reservation was not occurring in HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58.1, 4.59.0, 4.60.0, 4.61.0, 4.62.0.",
  "id": "CVE-2020-1900",
  "modified": "2026-03-13T21:47:28.967860479Z",
  "published": "2021-03-11T01:15:14.490Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://hhvm.com/blog/2020/06/30/security-update.html"
    },
    {
      "type": "FIX",
      "url": "https://github.com/facebook/hhvm/commit/c1c4bb0cf9e076aafaf4ff3515556ef9faf906f3"
    }
  ],
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}