GSA_kwCzR0hTQS05Y3JqLWhweGgtZjZxZ84AAyWl

Moderate EPSS: 0.00467% (0.63629 Percentile) EPSS:

Permalink JSON

pgAdmin 4 vulnerable to directory traversal

Affected Packages	Affected Versions	Fixed Versions
pypi:pgadmin4 PURL: `pkg:pypi/pgadmin4`	<= 6.18	6.19
1 Dependent packages 51 Dependent repositories 13,687 Downloads last month Affected Version Ranges All affected versions All unaffected versions

pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database.

References:

https://nvd.nist.gov/vuln/detail/CVE-2023-0241
https://github.com/pgadmin-org/pgadmin4/issues/5734
https://github.com/akshay-joshi/pgadmin4/commit/64d7289c5b3831137b17bb4c5022ef4f63d2ef42
https://jvn.jp/en/jp/JVN01398015
https://github.com/advisories/GHSA-9crj-hpxh-f6qg

Identifiers

GHSA-9crj-hpxh-f6qg

CVE-2023-0241

Risk

Severity

Moderate

EPSS

EPSS Percentage: 0.00467

EPSS Percentile: 0.63629

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/pgadmin-org/pgadmin4

Date and time

Published

over 2 years ago

Updated

6 months ago

API

JSON

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Advisories