Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-2562

Опубликовано: 01 мар. 2016
Источник: debian
EPSS Низкий

Описание

The checkHTTP function in libraries/Config.class.php in phpMyAdmin 4.5.x before 4.5.5.1 does not verify X.509 certificates from api.github.com SSL servers, which allows man-in-the-middle attackers to spoof these servers and obtain sensitive information via a crafted certificate.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
phpmyadminfixed4:4.5.5.1-1package

Примечания

  • vulnerability is only in the test suite

EPSS

Процентиль: 46%
0.0023
Низкий

Связанные уязвимости

CVSS3: 6.8
ubuntu
больше 9 лет назад

The checkHTTP function in libraries/Config.class.php in phpMyAdmin 4.5.x before 4.5.5.1 does not verify X.509 certificates from api.github.com SSL servers, which allows man-in-the-middle attackers to spoof these servers and obtain sensitive information via a crafted certificate.

CVSS3: 6.8
nvd
больше 9 лет назад

The checkHTTP function in libraries/Config.class.php in phpMyAdmin 4.5.x before 4.5.5.1 does not verify X.509 certificates from api.github.com SSL servers, which allows man-in-the-middle attackers to spoof these servers and obtain sensitive information via a crafted certificate.

CVSS3: 6.8
github
около 3 лет назад

phpMyAdmin Improper Input Validation

EPSS

Процентиль: 46%
0.0023
Низкий