Home > Vulnerability Database > CVE-2024-8929

Mend.io Vulnerability Database

CVE-2024-8929

Good to know:

Date: November 22, 2024

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server.

Language: C

Severity Score

5.8

Related Resources (3)

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-8929

Url: https://github.com/php/php-src/security/advisories/GHSA-h35g-vwh6-m678

Url: https://www.mend.io/vulnerability-database/CVE-2024-8929

Severity Score

5.8

Weakness Type (CWE)

Information Leak / Disclosure

CWE-200

Out-of-bounds Read

CWE-125

Top Fix

Upgrade Version

Upgrade to version php-8.1.31,php-8.2.26,php-8.3.14

Learn More

CVSS v3.1

Base Score:	5.8
Attack Vector (AV):	ADJACENT_NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	CHANGED
Confidentiality (C):	HIGH
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2024-8929

Good to know:

Date: November 22, 2024

Language: C

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?