Описание
An issue was discovered in phpMyAdmin involving the $cfg['ArbitraryServerRegexp'] configuration directive. An attacker could reuse certain cookie values in a way of bypassing the servers defined by ArbitraryServerRegexp. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 4:4.6.4+dfsg1-1 |
| bionic | not-affected | 4:4.6.4+dfsg1-1 |
| cosmic | not-affected | 4:4.6.4+dfsg1-1 |
| devel | not-affected | 4:4.6.4+dfsg1-1 |
| disco | not-affected | 4:4.6.4+dfsg1-1 |
| eoan | DNE | |
| esm-apps/bionic | not-affected | 4:4.6.4+dfsg1-1 |
| esm-apps/focal | not-affected | 4:4.6.4+dfsg1-1 |
| esm-apps/jammy | not-affected | 4:4.6.4+dfsg1-1 |
| esm-apps/noble | not-affected | 4:4.6.4+dfsg1-1 |
Показывать по
10 Critical
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
An issue was discovered in phpMyAdmin involving the $cfg['ArbitraryServerRegexp'] configuration directive. An attacker could reuse certain cookie values in a way of bypassing the servers defined by ArbitraryServerRegexp. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
An issue was discovered in phpMyAdmin involving the $cfg['ArbitrarySer ...
10 Critical
CVSS2
9.8 Critical
CVSS3