CVE-2023-0241: Path Traversal
First published: Mon Mar 27 2023(Updated: )
pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Postgresql Pgadmin 4 | <6.19 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability in pgAdmin 4 versions prior to v6.19?
The vulnerability is a directory traversal vulnerability.
What can an attacker do with the directory traversal vulnerability in pgAdmin 4 versions prior to v6.19?
An attacker can change another user's settings or alter the database.
What is the severity of CVE-2023-0241?
The severity of CVE-2023-0241 is medium with a CVSS score of 6.5.
How do I fix the directory traversal vulnerability in pgAdmin 4 versions prior to v6.19?
Update to pgAdmin 4 version 6.19 or above to fix the vulnerability.
Where can I find more information about CVE-2023-0241?
You can find more information about CVE-2023-0241 at the following links: [GitHub](https://github.com/pgadmin-org/pgadmin4/issues/5734) and [JVN](https://jvn.jp/en/jp/JVN01398015/).
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/weakness
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/postgresql
- canonical/postgresql pgadmin 4