rpm package
suse/pgadmin4&distro=SUSE Linux Enterprise Module for Server Applications 15 SP5
pkg:rpm/suse/pgadmin4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP5
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-4216 | — | | | < 4.30-150300.3.15.1 | 4.30-150300.3.15.1 | May 2, 2024 | pgAdmin <= 8.5 is affected by XSS vulnerability in /settings/store API response json payload. This vulnerability allows attackers to execute malicious script at the client end. |
| CVE-2024-2044 | — | | | < 4.30-150300.3.12.1 | 4.30-150300.3.12.1 | Mar 7, 2024 | pgAdmin <= 8.3 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code. If the server is running on Windows, an unauthenticated attacker can load and deserialize remote pickle objects and gain code execution. If the server is |