Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2015-3902

Published: 26 May 2015

Multiple cross-site request forgery (CSRF) vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configuration file.

Priority

Medium

Status

Package Release Status
phpmyadmin
Launchpad, Ubuntu, Debian
artful Not vulnerable
(4:4.4.6.1-1)
bionic Not vulnerable
(4:4.4.6.1-1)
cosmic Not vulnerable
(4:4.4.6.1-1)
disco Not vulnerable
(4:4.4.6.1-1)
eoan Does not exist

focal Not vulnerable
(4:4.4.6.1-1)
groovy Not vulnerable
(4:4.4.6.1-1)
hirsute Not vulnerable
(4:4.4.6.1-1)
impish Not vulnerable
(4:4.4.6.1-1)
jammy Not vulnerable
(4:4.4.6.1-1)
kinetic Not vulnerable
(4:4.4.6.1-1)
lunar Not vulnerable
(4:4.4.6.1-1)
mantic Not vulnerable
(4:4.4.6.1-1)
precise Ignored
(end of life)
trusty Needed

upstream Needs triage

utopic Ignored
(end of life)
vivid
Released (4:4.2.12-2+deb8u1build0.15.04.1)
wily Not vulnerable
(4:4.4.6.1-1)
xenial Not vulnerable
(4:4.4.6.1-1)
yakkety Not vulnerable
(4:4.4.6.1-1)
zesty Not vulnerable
(4:4.4.6.1-1)