CVE-2024-9014

pgAdmin versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthorized access to user data.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/9xxx/CVE-2024-9014.json",
    "cna_assigner": "PostgreSQL"
}

References

Affected packages

Git / github.com/pgadmin-org/pgadmin4

Affected ranges

Type: GIT
Repo: https://github.com/pgadmin-org/pgadmin4
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

a0aa1855186bbe769182e797dc546812ed4dc720

Affected versions

Other

REL-1_0

REL-1_0-BETA1

REL-1_0-BETA2

REL-1_0-BETA3

REL-1_0-BETA4

REL-1_0-RC1

REL-1_1

REL-1_2

REL-1_3

REL-1_4

REL-1_5

REL-1_6

REL-2_0

REL-2_0-RC1

REL-2_0-RC2

REL-2_1

REL-3_0

REL-3_1

REL-3_2

REL-3_3

REL-3_4

REL-3_5

REL-3_6

REL-4_0

REL-4_1

REL-4_10

REL-4_11

REL-4_12

REL-4_13

REL-4_14

REL-4_15

REL-4_16

REL-4_17

REL-4_18

REL-4_19

REL-4_2

REL-4_20

REL-4_21

REL-4_22

REL-4_23

REL-4_24

REL-4_25

REL-4_26

REL-4_27

REL-4_28

REL-4_29

REL-4_3

REL-4_30

REL-4_4

REL-4_5

REL-4_6

REL-4_7

REL-4_8

REL-4_9

REL-5_0

REL-5_1

REL-5_2

REL-5_3

REL-5_4

REL-5_5

REL-5_6

REL-5_7

REL-6_0

REL-6_1

REL-6_10

REL-6_11

REL-6_12

REL-6_13

REL-6_14

REL-6_15

REL-6_16

REL-6_17

REL-6_18

REL-6_19

REL-6_2

REL-6_20

REL-6_21

REL-6_3

REL-6_4

REL-6_5

REL-6_6

REL-6_7

REL-6_8

REL-6_9

REL-7_0

REL-7_1

REL-7_2

REL-7_3

REL-7_4

REL-7_5

REL-7_6

REL-7_7

REL-7_8

REL-8_0

REL-8_1

REL-8_10

REL-8_11

REL-8_2

REL-8_3

REL-8_4

REL-8_5

REL-8_6

REL-8_7

REL-8_8

REL-8_9

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-9014.json"