Updated: 2025-08-20 02:03:51.476705
Description:
In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | NONE | 0.0 |
| CVSS Version 3.x | MEDIUM | 5.8 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| Oracle Linux 6 ELS | php | 5.3.3 | 5.8 | MEDIUM | Not Vulnerable | 2024-12-09 11:55:34 | not vulnerable | |
| Oracle Linux 7 ELS | php | 5.4.16 | 5.8 | MEDIUM | Ignored | 2024-12-03 12:10:02 | Ignored due to low severity | |
| RHEL 7 ELS | php | 5.4.16 | 5.8 | MEDIUM | Needs Triage | 2026-02-11 09:58:13 | ||
| TuxCare 9.6 ESU | php | 8.0.30 | 5.8 | MEDIUM | Needs Triage | 2026-02-11 09:58:35 | ||
| Ubuntu 16.04 ELS | php | 7.0.33 | 5.8 | MEDIUM | Ignored | 2024-12-02 09:53:04 | Ignored due to low severity | |
| Ubuntu 18.04 ELS | php | 7.2.24-0 | 5.8 | MEDIUM | Ignored | 2024-12-02 09:53:04 | Ignored due to low severity | |
| Ubuntu 20.04 ELS | php | 7.4.3 | 5.8 | MEDIUM | Already Fixed | 2025-05-27 03:57:07 |