In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server.
Metrics
Affected Vendors & Products
References
History
Tue, 26 Nov 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Fri, 22 Nov 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Php Group
Php Group php |
|
CPEs | cpe:2.3:a:php_group:php:*:*:*:*:*:*:*:* | |
Vendors & Products |
Php Group
Php Group php |
|
Metrics |
ssvc
|
Fri, 22 Nov 2024 06:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server. | |
Title | Leak partial content of the heap through heap buffer over-read in mysqlnd | |
Weaknesses | CWE-125 CWE-200 |
|
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: php
Published: 2024-11-22T06:15:29.643Z
Updated: 2024-11-22T17:40:35.112Z
Reserved: 2024-09-17T04:17:06.982Z
Link: CVE-2024-8929
Vulnrichment
Updated: 2024-11-22T17:40:23.078Z
NVD
Status : Received
Published: 2024-11-22T07:15:03.447
Modified: 2024-11-22T07:15:03.447
Link: CVE-2024-8929
Redhat