Insufficient boundary checks for the strrpos and strripos functions allow access to out-of-bounds memory. This affects all supported versions of HHVM (4.0.3, 3.30.4, and 3.27.7 and below).

Related CVEs

CVE-2019-3561

Key Information

GHSA ID

GHSA-rhw4-xq2h-gwx6

Published

May 24, 2022 4:44 PM

Last Modified

April 4, 2024 12:17 AM

CVSS Score

9.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: July 4, 2025 6:27 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.