Описание
Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers (e.g. `adminer.php`) are affected. This is fixed in version 4.7.9.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| adminer | fixed | 4.7.9-1 | package | |
| adminer | fixed | 4.7.1-1+deb10u1 | buster | package |
Примечания
https://github.com/vrana/adminer/security/advisories/GHSA-x5r2-hj5c-8jx6
https://github.com/vrana/adminer/commit/ccd2374b0b12bd547417bf0dacdf153826c83351 (v4.7.9)
Связанные уязвимости
Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers (e.g. `adminer.php`) are affected. This is fixed in version 4.7.9.
Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers (e.g. `adminer.php`) are affected. This is fixed in version 4.7.9.
Уязвимость программного обеспечения для управления базами данных Adminer, связанная с недостаточной проверкой запросов на стороне сервера, позволяющая нарушителю осуществить SSRF-атаку