CVE-2024-8929

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server.

CVSS v3 5.8 MEDIUM

5.8^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.3 / Impact : 4.0

Attack Vector ADJACENT_NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://github.com/php/php-src/security/advisories/GHSA-h35g-vwh6-m678	Exploit Vendor Advisory
https://security.netapp.com/advisory/ntap-20250110-0008/	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:php:php::::::::
	cpe:2.3:a:php:php::::::::
	cpe:2.3:a:php:php::::::::

History

02 Jul 2025, 20:11

Type	Values Removed	Values Added
First Time		Php Php php
CPE		cpe:2.3:a:php:php::::::::
References	~~() https://github.com/php/php-src/security/advisories/GHSA-h35g-vwh6-m678 -~~	() https://github.com/php/php-src/security/advisories/GHSA-h35g-vwh6-m678 - Exploit, Vendor Advisory
References	~~() https://security.netapp.com/advisory/ntap-20250110-0008/ -~~	() https://security.netapp.com/advisory/ntap-20250110-0008/ - Third Party Advisory

10 Jan 2025, 13:15

Type	Values Removed	Values Added
References		() https://security.netapp.com/advisory/ntap-20250110-0008/ -

22 Nov 2024, 07:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-22 07:15

Updated : 2025-07-02 20:11

NVD link : CVE-2024-8929

Mitre link : CVE-2024-8929

CVE.ORG link : CVE-2024-8929

JSON object : View

Products Affected

php

php

CWE

CWE-125

Out-of-bounds Read

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2024-8929", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security@php.net", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 4.0, "exploitabilityScore": 1.3}]}, "published": "2024-11-22T07:15:03.447", "references": [{"url": "https://github.com/php/php-src/security/advisories/GHSA-h35g-vwh6-m678", "tags": ["Exploit", "Vendor Advisory"], "source": "security@php.net"}, {"url": "https://security.netapp.com/advisory/ntap-20250110-0008/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@php.net", "description": [{"lang": "en", "value": "CWE-125"}, {"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server."}, {"lang": "es", "value": "En las versiones de PHP 8.1.* anteriores a 8.1.31, 8.2.* anteriores a 8.2.26, 8.3.* anteriores a 8.3.14, un servidor MySQL hostil puede hacer que el cliente revele el contenido de su mont\u00f3n que contiene datos de otras solicitudes SQL y otros posibles datos que pertenecen a diferentes usuarios del mismo servidor."}], "lastModified": "2025-07-02T20:11:20.063", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE6E1B68-3EB9-4C67-97A6-226EA02CC2EA", "versionEndExcluding": "8.1.31", "versionStartIncluding": "8.1.0"}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C160D91A-CF97-4DD1-A34F-8B8C852B3CEC", "versionEndExcluding": "8.2.26", "versionStartIncluding": "8.2.0"}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35B1BA7F-0EAE-4F40-ACA4-EBC5D63F609A", "versionEndExcluding": "8.3.14", "versionStartIncluding": "8.3.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@php.net"}