rpm package
opensuse/phpMyAdmin&distro=openSUSE Leap 15.6
pkg:rpm/opensuse/phpMyAdmin&distro=openSUSE%20Leap%2015.6
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-24530 | Med | 6.4 | < 5.2.2-bp156.4.3.1 | 5.2.2-bp156.4.3.1 | Jan 23, 2025 | An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS. | |
| CVE-2025-24529 | Med | 6.4 | < 5.2.2-bp156.4.3.1 | 5.2.2-bp156.4.3.1 | Jan 23, 2025 | An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab. | |
| CVE-2024-2961 | Hig | 7.3 | < 5.2.2-bp156.4.3.1 | 5.2.2-bp156.4.3.1 | Apr 17, 2024 | The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable. | |
| CVE-2023-30536 | — | < 5.2.2-bp156.4.3.1 | 5.2.2-bp156.4.3.1 | Apr 17, 2023 | slim/psr7 is a PSR-7 implementation for use with Slim 4. In versions prior to 1.6.1 an attacker could sneak in a newline (\n) into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will al |
- affected < 5.2.2-bp156.4.3.1fixed 5.2.2-bp156.4.3.1
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
- affected < 5.2.2-bp156.4.3.1fixed 5.2.2-bp156.4.3.1
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
- affected < 5.2.2-bp156.4.3.1fixed 5.2.2-bp156.4.3.1
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.
- CVE-2023-30536Apr 17, 2023affected < 5.2.2-bp156.4.3.1fixed 5.2.2-bp156.4.3.1
slim/psr7 is a PSR-7 implementation for use with Slim 4. In versions prior to 1.6.1 an attacker could sneak in a newline (\n) into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will al