View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2024-9014 severity important: SUSE including 16 source package names (pgadmin4, pgadmin4-8.5-150600.3.6.1, …), 71 product×package rows across 22 product lines (SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS, SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS, … (22 product lines)): Known Not Affected 50, Fixed 21.
pgAdmin versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthorized access to user data.