CVE-2022-36937




HHVM 4.172.0 and all prior versions use TLS 1.0 for secure connections when handling tls:// URLs in the stream extension. TLS1.0 has numerous published vulnerabilities and is deprecated. HHVM 4.153.4, 4.168.2, 4.169.2, 4.170.2, 4.171.1, 4.172.1, 4.173.0 replaces TLS1.0 with TLS1.3. Applications that call stream_socket_server or stream_socket_client functions with a URL starting with tls:// are affected.


We have discovered 512 live websites that are affected by CVE-2022-36937.

Contact us to get more info



Affected Software

Product  HHVM
Category Web Servers
Vulnerable Versions
  • from 0 before 4.153.4
  • from 4.154 before 1.168.2
  • from 4.169 before 4.169.2
  • from 4.170 before 4.170.2
  • from 4.171 before 4.171.1
  • from 4.172 before 4.172.1
Total Vulnerable Versions70
Vulnerable Domains512 live websites (99.81% of HHVM install base)


Distribution by Website Rank

The diagram provides a graphic representation of the correlation between the occurrence of CVE-2022-36937 and the relative popularity of websites


Details

  • Published - May 10, 2023
  • Updated - May 10, 2023




Countries

United States153 websites


Singapore68 websites
Australia66 websites
Netherlands47 websites
China18 websites
France18 websites
GB16 websites
Japan13 websites
Latvia11 websites
Iceland10 websites

TLDs

.com254 websites
.com.au45 websites
.nl40 websites
.org16 websites
.com.cn14 websites
.net12 websites
.co.uk12 websites
.fr7 websites
.co.jp6 websites
.io5 websites

Vulnerable Versions

Vulnerable versions are highlighted in red


Geographical Distribution

The distribution of websites across the globe that are exposed to CVE-2022-36937 through included software libraries and plugins.



References


Websites affected by CVE-2022-36937

Top websites that are affected by CVE-2022-36937. Please click on the "Contact us" button above to get more information.
DomainCountryRankContacts
*******.com United States**,***
*******.net **,***
*************.com United States***,***
**.**********.com United States***,***
***********.com United States***,***
**************.com United States***,***
***.******.cz Czech Republic***,***
***.**************.com United States***,***
*.*******.com United States***,***
********************.com France***,***
See full domain list