CVE-2016-2041

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-2041
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-2041.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-2041
Aliases
Downstream
Related
Published
2016-02-20T01:59:04.327Z
Modified
2026-03-15T22:06:21.157647Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier for remote attackers to bypass intended access restrictions by measuring time differences.

References

Affected packages

Git / github.com/phpmyadmin/phpmyadmin

Affected ranges

Type
GIT
Repo
https://github.com/phpmyadmin/phpmyadmin
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
6da64cc3b2ba4439574f914f51e161645375be96
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
3731b1376fae52cca9122048048964941d668293
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
b50aabb0e35e28ada3f7a6800f5e327a0b3314f0
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
3df57a818917737d65e0e1c7cce80e9eb69e5e0b
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
82161a6c30a9ac2502d822e29cfb66beae7eeb4c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
f86761326c97eb5e2c9cefa2b1871252357f00a0
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5e5261284190c6fe6985547fbd19d3345df14be1
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ceb7d7e1b2f8ab1e61710d0d061f10193a6c44c5
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5118938f103e0022329847b654fcd99c8cb37de7
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d0f7dc79905f4795d328a018772871f9f98957fc
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
13a288d0da6e79b99acb9052bcf31b6650c624b5
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
00828f9ccb1024fbcd528f41dfdf28fab918dfff
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5004dc40980b8dfe04c328abed85fde991833624
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a395665715a3f56db9692486d120fb1dc00bcc5d
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d81165f34555c5202d8150ae1d080834dd601d5b
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
2694c36ef6e86de019196698a9de1953645fba97
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
66149607b1b578bbedc0a90e3c000e8c410c7c8e
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1fe735d098d82ad79500eab04c4d25ba8fe25a24
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
6ab95d9bec50f6be6b5439abed35f99ab3fa5cbc
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e4db51c0d47ac6e319ba93ce0d5706a33f736c00
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1c1753bb6666381fa2cd2cd1f160286935244a35
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d8f4a2d661f78281db7ee6826651ffc9574a2b31
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
243ed0268fa15567c8a787eeb6055a232102b91a
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
86a7d2704994c43a4fae11cf38105fc3cb3d4d5b
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
dba2af651a53d5037296a1dc827081a94ef1062c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
409c9bc50aa447c52d334c839f4aa239f66c5e03
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a62fcf03af4c7f9df2393fbe58ae8653166763fa
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
b478a3d5c4fc1341a0a77235d2afbd2b4e4d0a6c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5b0543da6915bac44cb15e7e73f9e1886fe57588
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a1b4ecc69bc4ac90a54e3f3c8644ca18f13b010d
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
b0d60e271a6f47d2e0ecd81ad620b5d185acc0b1
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
426c5d9c1ded024c9306428ce165ae82d6f6d5df
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
78a6214afcee3a6b65eb5e1ac261aa8e70f36736
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
95104ff56e15876c6b481e09c9f0169e34b781f8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
f7f483e99a74648843cc87265033442aeb4b7342
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
3fc737460caa3c47d9d51751d712cc8784b1dfef
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
fecf8b76ef831be0a5a8fddb1c3edf4251e92076
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
daf86cd1e369f63ad132d8dc63a7217267030408
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
c21937440af0b0b2ed752f229c3d2523ac178d85
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
796e6ae09301a7ea8aae74fdb3bb44538c0f5151
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
9e08133f49f0b99868fec434762366d08a45b6f8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ae7d3bb97a30805f98945fd4a442d023ae0ea24a
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
b900c917101a15c78666579a28bab19b95bef669
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1ec51857f828c2d409ad76450695ca281ed89fc3
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a81ac373c82ec81351b3e5a30c5aa0b2b9e444af
Fixed
ec0e88e37ef30a66eada1c072953f4ec385a3e49
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0.0-rc2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0.0-rc3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0.10"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0.10.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0.10.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0.10.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0.10.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0.10.5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0.10.6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0.10.7"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0.10.8"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0.10.9"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0.10.10"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0.10.11"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0.10.12"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.1.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.6.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.7"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.8"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.9"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.10"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.11"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.12"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.13"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.13.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.14.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.15"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.15.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.15.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.4.15.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.5.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.5.0.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.5.0.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.5.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.5.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.5.3"
        }
    ]
}

Affected versions

Other
RELEASE_2_10_0
RELEASE_2_10_0RC1
RELEASE_2_10_0_1
RELEASE_2_10_0_2
RELEASE_2_10_1RC1
RELEASE_2_10_2
RELEASE_2_10_3
RELEASE_2_10_3RC1
RELEASE_2_11_0
RELEASE_2_11_0BETA1
RELEASE_2_11_0RC1
RELEASE_2_11_0RC2
RELEASE_2_11_1
RELEASE_2_11_10
RELEASE_2_11_10_1
RELEASE_2_11_11
RELEASE_2_11_11RC1
RELEASE_2_11_11_1
RELEASE_2_11_11_2
RELEASE_2_11_11_3
RELEASE_2_11_1RC1
RELEASE_2_11_1_1
RELEASE_2_11_1_2
RELEASE_2_11_2
RELEASE_2_11_2RC1
RELEASE_2_11_2_1
RELEASE_2_11_2_2
RELEASE_2_11_3
RELEASE_2_11_3RC1
RELEASE_2_11_4
RELEASE_2_11_4RC1
RELEASE_2_11_5
RELEASE_2_11_5RC1
RELEASE_2_11_5_1
RELEASE_2_11_5_2
RELEASE_2_11_6
RELEASE_2_11_6RC1
RELEASE_2_11_7
RELEASE_2_11_7RC1
RELEASE_2_11_7RC2
RELEASE_2_11_7_1
RELEASE_2_11_8
RELEASE_2_11_8RC1
RELEASE_2_11_8_1
RELEASE_2_11_9
RELEASE_2_11_9_1
RELEASE_2_11_9_2
RELEASE_2_11_9_3
RELEASE_2_11_9_4
RELEASE_2_11_9_5
RELEASE_2_11_9_6
RELEASE_2_2_0
RELEASE_2_2_1
RELEASE_2_2_2
RELEASE_2_2_3
RELEASE_2_2_4
RELEASE_2_2_5
RELEASE_2_2_6
RELEASE_2_2_7PL1
RELEASE_2_3_0
RELEASE_2_3_1
RELEASE_2_3_2
RELEASE_2_3_3PL1
RELEASE_2_4_0
RELEASE_2_5_0
RELEASE_2_5_1
RELEASE_2_5_2
RELEASE_2_5_4
RELEASE_2_5_5PL1
RELEASE_2_5_6
RELEASE_2_5_7PL1
RELEASE_2_6_1PL3
RELEASE_2_6_2PL1
RELEASE_2_6_3PL1
RELEASE_2_6_4PL4
RELEASE_2_7_0PL2
RELEASE_2_8_0_4
RELEASE_2_8_1
RELEASE_2_8_2_4
RELEASE_2_9_0
RELEASE_2_9_0_1
RELEASE_2_9_0_2
RELEASE_2_9_1_1
RELEASE_2_9_2
RELEASE_2_9_2RC1
RELEASE_3_0_0
RELEASE_3_0_0ALPHA
RELEASE_3_0_0BETA
RELEASE_3_0_0RC1
RELEASE_3_0_0RC2
RELEASE_3_0_1
RELEASE_3_0_1RC1
RELEASE_3_0_1_1
RELEASE_3_1_0
RELEASE_3_1_0BETA1
RELEASE_3_1_0RC1
RELEASE_3_1_1
RELEASE_3_1_2
RELEASE_3_1_2RC1
RELEASE_3_1_3
RELEASE_3_1_3RC1
RELEASE_3_1_3_1
RELEASE_3_1_3_2
RELEASE_3_1_4
RELEASE_3_1_4RC1
RELEASE_3_1_4RC2
RELEASE_3_1_5
RELEASE_3_1_5RC1
RELEASE_3_2_0
RELEASE_3_2_0BETA1
RELEASE_3_2_0RC1
RELEASE_3_2_0_1
RELEASE_3_2_2
RELEASE_3_2_2RC1
RELEASE_3_2_2_1
RELEASE_3_2_3
RELEASE_3_2_3RC1
RELEASE_3_2_4
RELEASE_3_2_4RC1
RELEASE_3_2_5
RELEASE_3_2_5RC1
RELEASE_3_2_5RC2
RELEASE_3_3_0
RELEASE_3_3_0ALPHA1
RELEASE_3_3_0BETA1
RELEASE_3_3_0RC1
RELEASE_3_3_0RC2
RELEASE_3_3_0RC3
RELEASE_3_3_1
RELEASE_3_3_10
RELEASE_3_3_10RC1
RELEASE_3_3_10_1
RELEASE_3_3_10_2
RELEASE_3_3_10_3
RELEASE_3_3_10_4
RELEASE_3_3_10_5
RELEASE_3_3_1RC1
RELEASE_3_3_2
RELEASE_3_3_2RC1
RELEASE_3_3_3
RELEASE_3_3_3RC1
RELEASE_3_3_4
RELEASE_3_3_4RC1
RELEASE_3_3_5
RELEASE_3_3_5RC1
RELEASE_3_3_5_1
RELEASE_3_3_6
RELEASE_3_3_6RC1
RELEASE_3_3_7
RELEASE_3_3_7RC1
RELEASE_3_3_8
RELEASE_3_3_8RC1
RELEASE_3_3_8_1
RELEASE_3_3_9
RELEASE_3_3_9RC1
RELEASE_3_3_9_1
RELEASE_3_3_9_2
RELEASE_3_4_0
RELEASE_3_4_0ALPHA1
RELEASE_3_4_0ALPHA2
RELEASE_3_4_0BETA1
RELEASE_3_4_0BETA2
RELEASE_3_4_0BETA3
RELEASE_3_4_0BETA4
RELEASE_3_4_0RC1
RELEASE_3_4_0RC2
RELEASE_3_4_1
RELEASE_3_4_10
RELEASE_3_4_10RC1
RELEASE_3_4_10_1
RELEASE_3_4_11
RELEASE_3_4_11RC1
RELEASE_3_4_11_1
RELEASE_3_4_1RC1
RELEASE_3_4_2
RELEASE_3_4_2RC1
RELEASE_3_4_3
RELEASE_3_4_3RC1
RELEASE_3_4_3_1
RELEASE_3_4_3_2
RELEASE_3_4_4
RELEASE_3_4_4RC1
RELEASE_3_4_5
RELEASE_3_4_5RC1
RELEASE_3_4_6
RELEASE_3_4_6RC1
RELEASE_3_4_7
RELEASE_3_4_7RC1
RELEASE_3_4_7_1
RELEASE_3_4_8
RELEASE_3_4_8RC1
RELEASE_3_4_9
RELEASE_3_4_9RC1
RELEASE_3_5_0
RELEASE_3_5_0ALPHA1
RELEASE_3_5_0BETA1
RELEASE_3_5_0RC1
RELEASE_3_5_0RC2
RELEASE_3_5_1
RELEASE_3_5_1RC1
RELEASE_3_5_2
RELEASE_3_5_2RC1
RELEASE_3_5_2_1
RELEASE_3_5_2_2
RELEASE_3_5_3
RELEASE_3_5_3RC1
RELEASE_3_5_4
RELEASE_3_5_4RC1
RELEASE_3_5_5RC1
RELEASE_3_5_6
RELEASE_3_5_6RC1
RELEASE_3_5_7
RELEASE_3_5_7RC1
RELEASE_3_5_8
RELEASE_3_5_8RC1
RELEASE_3_5_8_1
RELEASE_4_0_0
RELEASE_4_0_0ALPHA1
RELEASE_4_0_0ALPHA2
RELEASE_4_0_0BETA1
RELEASE_4_0_0BETA2
RELEASE_4_0_0BETA3
RELEASE_4_0_0RC1
RELEASE_4_0_0RC2
RELEASE_4_0_0RC3
RELEASE_4_0_0RC4
RELEASE_4_0_1RC1
RELEASE_4_0_2
RELEASE_4_0_2RC1
RELEASE_4_0_3
RELEASE_4_0_3RC1
RELEASE_4_0_4
RELEASE_4_0_4RC1
RELEASE_4_0_4_1
RELEASE_4_0_4_2
RELEASE_4_0_5RC1
RELEASE_4_0_6
RELEASE_4_0_6RC1
RELEASE_4_0_6RC2
RELEASE_4_1_0ALPHA1
RELEASE_4_1_0ALPHA2
RELEASE_4_1_0BETA1
RELEASE_4_1_0BETA2
RELEASE_4_1_0RC1
RELEASE_4_1_0RC2
RELEASE_4_1_0RC3
RELEASE_4_2_0
RELEASE_4_2_0ALPHA1
RELEASE_4_2_0ALPHA2
RELEASE_4_2_0BETA1
RELEASE_4_2_0RC1
RELEASE_4_2_10
RELEASE_4_2_10_1
RELEASE_4_2_13
RELEASE_4_2_13_1
RELEASE_4_2_7
RELEASE_4_2_7_1
RELEASE_4_2_8
RELEASE_4_2_9
RELEASE_4_2_9_1
RELEASE_4_3_0ALPHA1
RELEASE_4_3_0BETA1
RELEASE_4_3_0RC1
RELEASE_4_3_0RC2
RELEASE_4_4_0ALPHA1
RELEASE_4_4_1
RELEASE_4_4_14
RELEASE_4_4_14_1
RELEASE_4_5_0
RELEASE_4_5_0RC1
RELEASE_4_5_0_1
RELEASE_4_5_2
RELEASE_4_5_3
RELEASE_4_5_3_1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-2041.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "22"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "23"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "42.1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "13.1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "13.2"
            }
        ]
    }
]