vulnerability
Ubuntu: (Multiple Advisories) (CVE-2024-8929): PHP vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:A/AC:M/Au:S/C:C/I:N/A:N) | Nov 22, 2024 | Dec 16, 2024 | Apr 16, 2026 |
Severity
5
CVSS
(AV:A/AC:M/Au:S/C:C/I:N/A:N)
Published
Nov 22, 2024
Added
Dec 16, 2024
Modified
Apr 16, 2026
Description
In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server.
Solutions
ubuntu-pro-upgrade-libapache2-mod-php7-0ubuntu-pro-upgrade-php7-0ubuntu-pro-upgrade-php7-0-cgiubuntu-pro-upgrade-php7-0-cliubuntu-pro-upgrade-php7-0-ldapubuntu-pro-upgrade-php7-0-mysqlubuntu-upgrade-libapache2-mod-php7-4ubuntu-upgrade-libapache2-mod-php8-0ubuntu-upgrade-libapache2-mod-php8-1ubuntu-upgrade-libapache2-mod-php8-3ubuntu-upgrade-php7-4ubuntu-upgrade-php7-4-cgiubuntu-upgrade-php7-4-cliubuntu-upgrade-php7-4-fpmubuntu-upgrade-php7-4-mysqlubuntu-upgrade-php8-1ubuntu-upgrade-php8-1-cgiubuntu-upgrade-php8-1-cliubuntu-upgrade-php8-1-enchantubuntu-upgrade-php8-1-fpmubuntu-upgrade-php8-1-mysqlubuntu-upgrade-php8-3ubuntu-upgrade-php8-3-cgiubuntu-upgrade-php8-3-cliubuntu-upgrade-php8-3-fpmubuntu-upgrade-php8-3-mysql
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.