Description
phpMyAdmin allows to detect if user is logged in
An issue was discovered in phpMyAdmin. An attacker can determine whether a user is logged in to phpMyAdmin. The user's session, username, and password are not compromised by this vulnerability. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
Mitigation
Minimal update. May introduce new vulnerabilities or breaking changes.
|
 packagist | | >=4.6 <4.6.4 || >=4.4 <4.4.15.8 || >=4.0 <4.0.10.17 | 4.6.4, 4.4.15.8, 4.0.10.17 |
 debian 13 | | | 4:4.6.4+dfsg1-1 |
 alpine v3.2 | | =3.3.10-r0 || =3.3.10-r1 || =3.3.10-r2 || =3.4.11.1-r0 || =3.4.9-r0 || =4.0.0-r0 || =4.0.1-r0 || =4.0.10-r0 || =4.0.2-r0 || =4.0.3-r0 || =4.0.4.1-r0 || =4.0.4.2-r0 || =4.0.5-r0 || =4.0.6-r0 || =4.0.7-r0 || =4.0.8-r0 || =4.0.8-r1 || =4.0.8-r2 || =4.0.9-r0 || =4.1.11-r0 || =4.1.12-r0 || =4.1.13-r0 || =4.1.14-r0 || =4.1.4-r0 || =4.1.5-r0 || =4.1.6-r0 || =4.1.7-r0 || =4.1.8-r0 || =4.1.9-r0 || =4.2.0-r0 || =4.2.1-r0 || =4.2.10-r0 || =4.2.10.1-r0 || =4.2.11-r0 || =4.2.12-r0 || =4.2.13.1-r0 || =4.2.2-r0 || =4.2.3-r0 || =4.2.4-r0 || =4.2.5-r0 || =4.2.6-r0 || =4.2.7-r0 || =4.2.7.1-r0 || =4.2.8-r0 || =4.2.8.1-r0 || =4.2.9-r0 || =4.2.9.1-r0 || =4.3.0-r0 || =4.3.1-r0 || =4.3.10-r0 || =4.3.11.1-r0 || =4.3.12-r0 || =4.3.13-r0 || =4.3.3-r0 || =4.3.4-r0 || =4.3.5-r0 || =4.3.7-r0 || =4.3.8-r0 || =4.3.9-r0 || =4.4.1.1-r0 || =4.4.15-r0 || =4.4.15.1-r0 || =4.4.15.4-r0 || =4.4.15.7-r0 || =4.4.3-r0 || =4.4.4-r0 || =4.4.5-r0 || =4.4.7-r0 || >=0 <4.4.15.8-r0 | 4.4.15.8-r0 |
debian 11 | | | 4:4.6.4+dfsg1-1 |
debian 12 | | | 4:4.6.4+dfsg1-1 |
