Home > Vulnerability Database > CVE-2024-8929

Mend.io Vulnerability Database

CVE-2024-8929

Date: November 22, 2024

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server.

Language: C

Severity Score

5.8

Related Resources (5)

Url: https://security-tracker.debian.org/tracker/CVE-2024-8929

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-8929

Url: https://security.netapp.com/advisory/ntap-20250110-0008/

Url: https://github.com/php/php-src/security/advisories/GHSA-h35g-vwh6-m678

Url: https://www.mend.io/vulnerability-database/CVE-2024-8929

Severity Score

5.8

Weakness Type (CWE)

Exposure of Sensitive Information to an Unauthorized Actor

CWE-200

Out-of-bounds Read

CWE-125

CVSS v3.1

Base Score:	5.8
Attack Vector (AV):	ADJACENT_NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	CHANGED
Confidentiality (C):	HIGH
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2024-8929

Date: November 22, 2024

Language: C

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?