Description
Use of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6Attack Vector: Network
Complexity: Low
Privileges: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Affected Packages5 packages
🔴Vulnerability Details
2GHSAGHSA-4p9p-mw39-jmxv: Use of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network↗2025-07-08 CVEListMicrosoft SQL Server Information Disclosure Vulnerability↗2025-07-08 📋Vendor Advisories
1MicrosoftMicrosoft SQL Server Information Disclosure Vulnerability↗2025-07-08