High severity8.0GHSA Advisory· Published Jan 9, 2025· Updated Jun 17, 2026
CVE-2023-1907
CVE-2023-1907
Description
A vulnerability was found in pgadmin. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user's session if multiple connection attempts occur simultaneously.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
pgadmin4PyPI | < 7.0 | 7.0 |
Affected products
17- Range: < 7.0
- ghsa-coords16 versionspkg:pypi/pgadmin4pkg:rpm/suse/pgadmin4&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/pgadmin4&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/pgadmin4&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/pgadmin4&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/pgadmin4&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/pgadmin4&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/pgadmin4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%203%2015%20SP6pkg:rpm/suse/pgadmin4&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/pgadmin4&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/pgadmin4&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/pgadmin4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/pgadmin4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/pgadmin4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/pgadmin4&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/pgadmin4&distro=SUSE%20Manager%20Server%204.3
< 7.0+ 15 more
- (no CPE)range: < 7.0
- (no CPE)range: < 4.30-150300.3.18.1
- (no CPE)range: < 4.30-150300.3.18.1
- (no CPE)range: < 4.30-150300.3.18.1
- (no CPE)range: < 4.30-150300.3.18.1
- (no CPE)range: < 4.30-150300.3.18.1
- (no CPE)range: < 4.30-150300.3.18.1
- (no CPE)range: < 4.30-150300.3.18.1
- (no CPE)range: < 4.30-150300.3.18.1
- (no CPE)range: < 4.30-150300.3.18.1
- (no CPE)range: < 4.30-150300.3.18.1
- (no CPE)range: < 4.30-150300.3.18.1
- (no CPE)range: < 4.30-150300.3.18.1
- (no CPE)range: < 4.30-150300.3.18.1
- (no CPE)range: < 4.30-150300.3.18.1
- (no CPE)range: < 4.30-150300.3.18.1
Patches
Vulnerability mechanics
References
7- access.redhat.com/security/cve/CVE-2023-1907nvdThird Party AdvisoryWEB
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party AdvisoryWEB
- github.com/advisories/GHSA-7w6r-748w-mh52ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-1907ghsaADVISORY
- github.com/pgadmin-org/pgadmin4/blob/a9974b418c49760d3989b7fb25e052ff16b89ac6/docs/en_US/release_notes_7_0.rstghsaWEB
- github.com/pgadmin-org/pgadmin4/commit/fa29ba91632634d961f937ce3ed2c3b5a9d78f59ghsaWEB
- github.com/pgadmin-org/pgadmin4/issues/6100ghsaWEB
News mentions
0No linked articles in our index yet.