CVE-2024-8929

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-8929
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-8929.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-8929
Aliases
Downstream
Related
Published
2024-11-22T07:15:03.447Z
Modified
2026-02-05T13:05:01.789946Z
Severity
  • 5.8 (Medium) CVSS_V3 - CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server.

References

Affected packages

Git / github.com/php/php-src

Affected ranges

Type
GIT
Repo
https://github.com/php/php-src
Events
Introduced
381ba9f5d0edd0c9c8ec1dea7e21d513ad08b115
Fixed
38123aca18c3c1bd1f109ec77af2f175d7afcf35
Introduced
70ee6c20ad97e02c2b8098aeea96fefbbc3ac5c2
Fixed
a3695d49e878eb2ebbf4645a0975cb5e225fbc7d
Introduced
d26068059e83fe40de3430a512471d194119bee0
Fixed
dc83dee9003edfff53f0f7d057bf79650c7f10dc

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-8929.json"