suse · CVE-2024-9014

Quick triage

Priority: high Published: 2024-09-24 23:24:27 UTC Updated: 2025-05-11 23:12:15 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2024-9014 severity important: SUSE including 16 source package names (pgadmin4, pgadmin4-8.5-150600.3.6.1, …), 71 product×package rows across 22 product lines (SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS, SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS, … (22 product lines)): Known Not Affected 50, Fixed 21.

Description:

pgAdmin versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthorized access to user data.

cvelogic Threat Intelligence