pgadmin4@6.5 vulnerabilities

pgadmin4 is a PostgreSQL Tools

Affected versions of this package are vulnerable to Information Exposure due to improper handling of OAuth2 authentication credentials.

Upgrade pgadmin4 to version 8.12 or higher.

pgadmin4 is a PostgreSQL Tools

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the /settings/store API response json payload. An attacker can execute malicious script at the client end by injecting script content into the json response.

Upgrade pgadmin4 to version 8.6 or higher.

pgadmin4 is a PostgreSQL Tools

Affected versions of this package are vulnerable to Authentication Bypass due to a flaw in the multi-factor authentication process. An attacker with knowledge of a legitimate account's username and password may authenticate to the application and perform sensitive actions within the application, such as managing files and executing SQL queries, regardless of the account's MFA enrollment status.

Upgrade pgadmin4 to version 8.6 or higher.

pgadmin4 is a PostgreSQL Tools

Affected versions of this package are vulnerable to Improper Control of Generation of Code ('Code Injection') via the validate binary path API. An attacker can execute arbitrary code on the server hosting the application, posing a severe risk to the integrity of the database management system and the security of the underlying data.

Upgrade pgadmin4 to version 8.5 or higher.

pgadmin4 is a PostgreSQL Tools

Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to the use of a file-based session management approach where session files are saved on disk as pickle objects. An attacker can execute arbitrary code on the system by manipulating the session ID to escape the intended session folder path and point to a maliciously crafted file.

Upgrade pgadmin4 to version 8.4 or higher.

pgadmin4 is a PostgreSQL Tools

Affected versions of this package are vulnerable to Command Injection when the HTTP API validates the path a user selects to external PostgreSQL utilities such as pg_dump and pg_restore. A user can run arbitrary commands on the server by passing commands as filenames.

NOTE: This issue does not affect pgAdmin's desktop mode.

Upgrade pgadmin4 to version 7.7 or higher.

pgadmin4 is a PostgreSQL Tools

Affected versions of this package are vulnerable to Directory Traversal due to improper input sanitization, which allows pgAdmin users who are authenticated to access each other's directories and files by providing relative paths.

Upgrade pgadmin4 to version 6.19 or higher.

pgadmin4 is a PostgreSQL Tools

Affected versions of this package are vulnerable to Open Redirect. Allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user access a specially crafted URL.

Upgrade pgadmin4 to version 6.14 or higher.

pgadmin4 is a PostgreSQL Tools

Affected versions of this package are vulnerable to Arbitrary Code Injection by allowing an unauthenticated user to call an HTTP API with a path of their choosing, such as a UNC path to a server they control on a Windows machine. This would cause an appropriately named executable in the target path to be executed by the pgAdmin server.

Note:

This issue does not affect users running pgAdmin in desktop mode.

Upgrade pgadmin4 to version 6.17 or higher.

pgadmin4 is a PostgreSQL Tools

Affected versions of this package are vulnerable to Directory Traversal. A malicious user can construct an HTTP request using their existing CSRF token and session cookie to manually upload files to any location that the operating system user account has permission to write. That is because the URI to which upload requests are made fails to validate the upload path.

Upgrade pgadmin4 to version 6.7 or higher.