CVE-2024-8929

Updated: 2024-11-30 05:14:48.815214

Description:

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x NONE 0
CVSS Version 3.x MEDIUM 5.8

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

CentOS 6 ELS php 5.3.3 5.8 MEDIUM Not Vulnerable 2024-12-09 11:55:33 not vulnerable
CentOS 7 ELS php 5.4.16 5.8 MEDIUM In Testing 2024-12-09 05:22:02
CentOS 8.4 ELS php 7.4.6 5.8 MEDIUM In Progress 2024-12-10 16:22:47
CentOS 8.5 ELS php 7.4.19 5.8 MEDIUM In Progress 2024-12-09 05:22:02
CentOS Stream 8 ELS php 7.2.24 5.8 MEDIUM In Progress 2024-12-09 05:22:01
CloudLinux 6 ELS php 5.3.3 5.8 MEDIUM Not Vulnerable 2024-12-09 11:55:34 Not vulnerable
CloudLinux 7 ELS php 5.4.16 5.8 MEDIUM In Testing 2024-12-09 05:22:02
Oracle Linux 6 ELS php 5.3.3 5.8 MEDIUM Not Vulnerable 2024-12-09 11:55:34 not vulnerable
Oracle Linux 7 ELS php 5.4.16 5.8 MEDIUM Ignored 2024-12-03 12:10:02
Ubuntu 16.04 ELS php 7.0.33 5.8 MEDIUM Ignored 2024-12-02 09:53:04
Total: 11