{"uuid": "5681135f-246c-44b3-abb0-9b79dbc7b297", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36937", "type": "seen", "source": "https://t.me/cibsecurity/63826", "content": "\u203c CVE-2022-36937 \u203c\n\nHHVM 4.172.0 and all prior versions use TLS 1.0 for secure connections when handling tls:// URLs in the stream extension. TLS1.0 has numerous published vulnerabilities and is deprecated. HHVM 4.153.4, 4.168.2, 4.169.2, 4.170.2, 4.171.1, 4.172.1, 4.173.0 replaces TLS1.0 with TLS1.3.Applications that call stream_socket_server or stream_socket_client functions with a URL starting with tls:// are affected.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T22:14:35.000000Z"}