rpm package
suse/pgadmin4&distro=SUSE Linux Enterprise Server 15 SP6-LTSS
pkg:rpm/suse/pgadmin4&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSS
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-12765 | — | | | < 8.5-150600.3.18.1 | 8.5-150600.3.18.1 | Nov 13, 2025 | pgAdmin <= 9.9 is affected by a vulnerability in the LDAP authentication mechanism that allows bypassing TLS certificate verification. |
| CVE-2025-12764 | — | | | < 8.5-150600.3.18.1 | 8.5-150600.3.18.1 | Nov 13, 2025 | pgAdmin <= 9.9 is affected by an LDAP injection vulnerability in the LDAP authentication flow that allows an attacker to inject special LDAP characters in the username, causing the DC/LDAP server and the client to process an unusual amount of data, resulting in a denial of service (DoS). |
| CVE-2025-9636 | — | | | < 4.30-150300.3.24.1 | 4.30-150300.3.24.1 | Sep 4, 2025 | pgAdmin <= 9.7 is affected by a Cross-Origin Opener Policy (COOP) vulnerability. This vulnerability allows an attacker to manipulate the OAuth flow, potentially leading to unauthorised account access, account takeover, data breaches, and privilege escalation. |