Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:SUSE-SU-2024:2260-1
HistoryJul 02, 2024 - 8:03 a.m.

Security update for pgadmin4

2024-07-0208:03:40
Google
osv.dev
pgadmin4
security update
xss
multi-factor authentication

CVSS3

7.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

AI Score

6.6

Confidence

High

JSON

This update for pgadmin4 fixes the following issues:

  • CVE-2024-4216: Fixed XSS in /settings/store endpoint (bsc#1223868).
  • CVE-2024-4215: Fixed multi-factor authentication bypass (bsc#1223867).

Related

fedora 3
nessus 3
openvas 4
osv 3
cvelist 2
cve 2
veracode 2
github 2
vulnrichment 2
nvd 2
fedora
fedora
[SECURITY] Fedora 40 Update: pgadmin4-8.6-1.fc40
2024-05-23 01:09:17
[SECURITY] Fedora 40 Update: python-libgravatar-1.0.4-1.fc40
2024-05-23 01:09:17
[SECURITY] Fedora 39 Update: pgadmin4-7.8-7.fc39
2024-07-13 02:42:18
nessus
nessus
Fedora 40 : pgadmin4 / python-libgravatar (2024-4d4ceb61f7)
2024-05-23 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : pgadmin4 (SUSE-SU-2024:2260-1)
2024-07-03 00:00:00
Fedora 39 : pgadmin4 (2024-9820d9491f)
2024-07-13 00:00:00
openvas
openvas
Fedora: Security Advisory (FEDORA-2024-4d4ceb61f7)
2024-05-27 00:00:00
Fedora: Security Advisory for python-libgravatar (FEDORA-2024-4d4ceb61f7)
2024-05-27 00:00:00
openSUSE: Security Advisory for pgadmin4 (SUSE-SU-2024:2260-1)
2024-07-10 00:00:00
osv
osv
pgadmin4-8.8-1.1 on GA media
2024-06-17 00:00:00
pgAdmin is affected by a multi-factor authentication bypass vulnerability
2024-05-02 18:30:55
pgAdmin Cross-site Scripting vulnerability in /settings/store API response json payload
2024-05-02 18:30:55
cvelist
cvelist
CVE-2024-4215 The Multi Factor Authentication bypass vulnerability in pgAdmin 4
2024-05-02 17:42:34
CVE-2024-4216 XSS vulnerability in /settings/store API response json payload in pgAdmin 4
2024-05-02 17:42:59
cve
cve
CVE-2024-4215
2024-05-02 18:15:07
CVE-2024-4216
2024-05-02 18:15:07
veracode
veracode
Authentication Bypass
2024-05-06 06:41:04
Cross-Site Scripting (XSS)
2024-05-06 07:00:32
github
github
pgAdmin is affected by a multi-factor authentication bypass vulnerability
2024-05-02 18:30:55
pgAdmin Cross-site Scripting vulnerability in /settings/store API response json payload
2024-05-02 18:30:55
vulnrichment
vulnrichment
CVE-2024-4215 The Multi Factor Authentication bypass vulnerability in pgAdmin 4
2024-05-02 17:42:34
CVE-2024-4216 XSS vulnerability in /settings/store API response json payload in pgAdmin 4
2024-05-02 17:42:59
nvd
nvd
CVE-2024-4215
2024-05-02 18:15:07
CVE-2024-4216
2024-05-02 18:15:07

CVSS3

7.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

AI Score

6.6

Confidence

High

JSON
Related for OSV:SUSE-SU-2024:2260-1
fedora3nessus3openvas4osv3cvelist2cve2veracode2github2vulnrichment2nvd2