{"id":"CVE-2018-6334","details":"Multipart-file uploads call variables to be improperly registered in the global scope. In cases where variables are not declared explicitly before being used this can lead to unexpected behavior. This affects all supported versions of HHVM prior to the patch (3.25.1, 3.24.5, and 3.21.9 and below).","modified":"2026-04-11T11:39:53.210597Z","published":"2018-12-31T19:29:00.323Z","references":[{"type":"FIX","url":"https://github.com/facebook/hhvm/commit/6937de5544c3eead3466b75020d8382080ed0cff"},{"type":"FIX","url":"https://hhvm.com/blog/2018/03/30/hhvm-3.25.2.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/facebook/hhvm","events":[{"introduced":"0"},{"last_affected":"c8659a24fd0d099e23ab04278fcb68380b71a1fd"},{"introduced":"fff094b066f4780b175befeb9ba949f9dcf73d8c"},{"last_affected":"da1bf9ddfab87c19c90785c8794bc4e3533de789"},{"introduced":"5f227331c426ef58513feb5c92ffd0a705067b2f"},{"last_affected":"b5bd3e2272db13534483b1955e00931b3347068c"},{"fixed":"6937de5544c3eead3466b75020d8382080ed0cff"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.21.9"},{"introduced":"3.21.10"},{"last_affected":"3.24.5"},{"introduced":"3.24.6"},{"last_affected":"3.25.1"}]}}],"versions":["HHVM-3.21.0","HHVM-3.21.1","HHVM-3.21.2","HHVM-3.21.3","HHVM-3.21.4","HHVM-3.21.5","HHVM-3.21.6","HHVM-3.21.7","HHVM-3.21.8","HHVM-3.21.9","HHVM-3.24.0","HHVM-3.24.1","HHVM-3.24.2","HHVM-3.24.3","HHVM-3.24.4","HHVM-3.24.5","HHVM-3.25.0","HHVM-3.25.1","HPHP-2.1.0","gcc-4.6","pre-hhvm","src-hphp"],"database_specific":{"vanir_signatures_modified":"2026-04-11T11:39:53Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-6334.json","vanir_signatures":[{"deprecated":false,"target":{"file":"hphp/runtime/server/upload.cpp","function":"rfc1867PostHandler"},"source":"https://github.com/facebook/hhvm/commit/6937de5544c3eead3466b75020d8382080ed0cff","signature_version":"v1","signature_type":"Function","id":"CVE-2018-6334-734d7878","digest":{"length":9934,"function_hash":"175828752513475780617821429293548006380"}},{"deprecated":false,"target":{"file":"hphp/runtime/server/upload.cpp"},"source":"https://github.com/facebook/hhvm/commit/6937de5544c3eead3466b75020d8382080ed0cff","signature_version":"v1","signature_type":"Line","id":"CVE-2018-6334-b5d732fc","digest":{"threshold":0.9,"line_hashes":["143507543936789370513886349577796239896","263893716761790795440136318779615562615","143351606562661256512476187940254624926","289875435738067823170305744333632898172","64596904271088074605209912893638782456","164025510828520842866297685460630217292","299174893921039459062367920414556303296","235671302492398233686362047772713901114","248450201553451381755310891786979752045","253417968737735013198140591464770653117","104543653989352920615721436280077106987","57765444005300732491208987068292045938","213664689753547459893411900855595438248","132549635346343976344052750852469138411","297916347790891736352172448398107494258","222030548198611179532980632490376386981","87209098899539459329222873750218660809","83673908527333103664008407046675188130","22075291727219780251281394586431701999","257766151043947225736413274546555165997","65357794683271902024865947366461325012","92082634571706953743584255775341121451","201138114037958931519912409688789387134","310554329540905131336172025332319841836","259190157290589250372384026944134703720","58961075339791988277048378361330027180","322046354138475616418543059940303685045","237157771723181166155806477747910820906","333334174028182484686709150926366803605","229297690597487311280670784688373911246","65570808135713782687775135654363504116","88870470980360195982048641613298605558","180354773620956792618874785853015759915","11346251397711167920822412932622509747","335671414375503158963815881911285009287","61713046561965864996686585015963319342","312202489681946254106908829813778194817","74963985674107704904749410968234118856","116449424178225477282971229279231021027","136818978396908199019774311580777221358","11189291501957374349568937571591397431","191424360199356230688462815498378770706","325198072716127082085000011097432680588","40339548511063145031765626988195604552","139425701153934565990597171500655789015","28411956964582124968105708729148282878","248013098086627713021212743731787190609","197730287049967498702821557988098911027","115329659680595429408903463098623891797","85165334783728451158840989705825810739","203928983173420769271565968119396142280","17658632084754342810525403040881422408","208944621308622514237972411148651293409","63023069204734875235446197826429308887","57419460710785518923147755044304580388","37904166476777508169896183035237406063","313287384531359272029599477475046191067","76690000002290931353820148671075428060","22181439806315776334487141936692224155","283572175096373701011252566709482336965","120661276416224762456841234609309842424","244842713045195576806618247960551791520","233267825462350788025180903268704785804","196650816830999005488589604229888401954","164392176943046544451843888223053971502","313372950442269888846240620478765066951","55711374153969490718204588307207730171"]}}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}