A critical vulnerability in pgAdmin (CVE-2024-9014), rated CVSS 9.9, could compromise user data on installations that have not been updated to the latest version.
CVE-2024-9014 in pgAdmin, a popular PostgreSQL database management tool, allows attackers to gain access to sensitive information through the OAuth2 authentication mechanism. This vulnerability could lead to the leakage of data such as IDs and client secrets that are essential for secure authentication. The pgAdmin developers urge users to update urgently to version 8.12, which contains fixes for this vulnerability.
pgAdmin is a widely used PostgreSQL management tool that helps database administrators. CVE-2024-9014 affects versions 8.11 and earlier and was discovered in September 2024. In addition to fixing the critical bug, the new update also includes 13 other fixes and functionality improvements.
If you are using pgAdmin version 8.11 or earlier, please upgrade to 8.12 immediately to protect your data from possible compromise due to the critical vulnerability CVE-2024-9014.