Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2022-0959

Опубликовано: 16 мар. 2022
Источник: debian
EPSS Низкий

Описание

A malicious, but authorised and authenticated user can construct an HTTP request using their existing CSRF token and session cookie to manually upload files to any location that the operating system user account under which pgAdmin is running has permission to write.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
pgadmin4itppackage

EPSS

Процентиль: 66%
0.00524
Низкий

Связанные уязвимости

nvd логотип

CVE-2022-0959

CVSS3: 6.5
nvd
почти 4 года назад

A malicious, but authorised and authenticated user can construct an HTTP request using their existing CSRF token and session cookie to manually upload files to any location that the operating system user account under which pgAdmin is running has permission to write.

suse-cvrf логотип

SUSE-SU-2022:1541-1

suse-cvrf
почти 4 года назад

Security update for pgadmin4

github логотип

GHSA-cr8c-972v-rmp3

CVSS3: 6.5
github
почти 4 года назад

pgAdmin 4 Path Traversal vulnerability

EPSS

Процентиль: 66%
0.00524
Низкий