UBUNTU-CVE-2023-1907

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2023-1907

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-1907.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2023-1907

Upstream

CVE-2023-1907

Published

2025-01-09T08:15:00Z

Modified

2025-09-08T16:55:38Z

Severity

8.0 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H CVSS Calculator
7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Ubuntu - medium

Summary

[none]

Details

A vulnerability was found in pgadmin. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user's session if multiple connection attempts occur simultaneously.

References

Affected packages

Ubuntu:Pro:16.04:LTS / pgadmin3

Package

Name: pgadmin3
Purl: pkg:deb/ubuntu/pgadmin3@1.22.0-1?arch=source&distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.20.0~beta2-1build1

1.20.0-3

1.22.0-1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "pgadmin3",
            "binary_version": "1.22.0-1"
        },
        {
            "binary_name": "pgadmin3-data",
            "binary_version": "1.22.0-1"
        }
    ]
}

Ubuntu:Pro:18.04:LTS / pgadmin3

Package

Name: pgadmin3
Purl: pkg:deb/ubuntu/pgadmin3@1.22.2-4?arch=source&distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.22.2-1

1.22.2-2

1.22.2-3

1.22.2-4

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "pgadmin3",
            "binary_version": "1.22.2-4"
        },
        {
            "binary_name": "pgadmin3-data",
            "binary_version": "1.22.2-4"
        }
    ]
}

Ubuntu:Pro:20.04:LTS / pgadmin3

Package

Name: pgadmin3
Purl: pkg:deb/ubuntu/pgadmin3@1.22.2-6build1?arch=source&distro=esm-apps/focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.22.2-5build1

1.22.2-6

1.22.2-6build1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "pgadmin3",
            "binary_version": "1.22.2-6build1"
        },
        {
            "binary_name": "pgadmin3-data",
            "binary_version": "1.22.2-6build1"
        }
    ]
}