Updated: 2025-08-20 02:03:51.476705
Description:
In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | NONE | 0.0 |
| CVSS Version 3.x | MEDIUM | 5.8 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | php | 8.0.30 | 5.8 | MEDIUM | Released | CLSA-2025:1757946824 | 2025-09-16 01:40:50 | |
| Alpine Linux 3.18 ELS | php | 8.2.16 | 5.8 | MEDIUM | Needs Triage | 2026-02-11 09:58:40 | ||
| CentOS 6 ELS | php | 5.3.3 | 5.8 | MEDIUM | Not Vulnerable | 2024-12-09 11:55:33 | not vulnerable | |
| CentOS 7 ELS | php | 5.4.16 | 5.8 | MEDIUM | Released | CLSA-2025:1738695324 | 2025-02-20 06:44:51 | |
| CentOS 8.4 ELS | php | 7.4.6 | 5.8 | MEDIUM | Released | CLSA-2024:1735130624 | 2024-12-25 23:22:40 | |
| CentOS 8.5 ELS | php | 7.4.19 | 5.8 | MEDIUM | Released | CLSA-2025:1738696117 | 2025-02-06 06:40:48 | |
| CentOS Stream 8 ELS | php | 7.2.24 | 5.8 | MEDIUM | Released | CLSA-2025:1739812360 | 2025-02-18 06:41:28 | |
| CloudLinux 6 ELS | php | 5.3.3 | 5.8 | MEDIUM | Not Vulnerable | 2024-12-09 11:55:34 | Not vulnerable | |
| CloudLinux 7 ELS | php | 5.4.16 | 5.8 | MEDIUM | Released | CLSA-2025:1738695530 | 2025-02-19 11:36:21 | |
| Debian 10 ELS | php | 7.3 | 5.8 | MEDIUM | Needs Triage | 2026-02-11 09:58:18 |