pgAdmin OAuth2 security flaw in versions 8.11 and earlie
Reporter | Title | Published | Views | Family All 13 |
---|---|---|---|---|
Tenable Nessus | Fedora 40 : pgadmin4 (2024-126d22c121) | 4 Oct 202400:00 | – | nessus |
Cvelist | CVE-2024-9014 OAuth2 client id and secret exposed through the web browser in pgAdmin 4 | 23 Sep 202417:04 | – | cvelist |
F5 Networks | K000148478: PostgreSQL pgAdmin vulnerability CVE-2024-9014 | 11 Nov 202400:00 | – | f5 |
Vulnrichment | CVE-2024-9014 OAuth2 client id and secret exposed through the web browser in pgAdmin 4 | 23 Sep 202417:04 | – | vulnrichment |
Nuclei | pgAdmin 4 - Authentication Bypass | 26 Sep 202411:41 | – | nuclei |
OSV | OAuth2 client ID and secret exposed through the web browser | 23 Sep 202418:30 | – | osv |
OSV | Security update for pgadmin4 | 29 Oct 202412:55 | – | osv |
OpenVAS | Fedora: Security Advisory (FEDORA-2024-126d22c121) | 4 Oct 202400:00 | – | openvas |
OpenVAS | openSUSE: Security Advisory for pgadmin4 (SUSE-SU-2024:3771-1) | 30 Oct 202400:00 | – | openvas |
Fedora | [SECURITY] Fedora 40 Update: pgadmin4-8.9-3.fc40 | 4 Oct 202401:47 | – | fedora |
[
{
"defaultStatus": "affected",
"modules": [
"User Authentication"
],
"product": "pgAdmin 4",
"programFiles": [
"https://github.com/pgadmin-org/pgadmin4/blob/master/web/pgadmin/templates/security/login_user.html"
],
"repo": "https://github.com/pgadmin-org/pgadmin4",
"vendor": "pgadmin.org",
"versions": [
{
"lessThan": "8.12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]
Source | Link |
---|---|
github | www.github.com/pgadmin-org/pgadmin4/issues/7945 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo