SB2026052051 - Fedora 43 update for pgadmin4




Published: May 20, 2026

Security Bulletin ID: SB2026052051
CSH Severity: High
Patch available: YES
Number of vulnerabilities: 4
Exploitation vector: Remote access
Highest impact: Data manipulation

Breakdown by Severity

  • High: 50%
  • Medium: 50%

Description

This security bulletin contains information about 4 vulnerabilities.


1) HTTP response splitting (CVE-ID: CVE-2026-40175)

CWE-ID: CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')

CVSSv4: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote attacker to perform HTTP splitting attacks.

The vulnerability exists because the software does not correctly process CRLF character sequences. A remote attacker can send a specially crafted request containing a CRLF sequence and make the application send a split HTTP response.

Successful exploitation of the vulnerability may allow an attacker to perform a cache poisoning attack.


2) Server-Side Request Forgery (SSRF) (CVE-ID: CVE-2025-62718)

CWE-ID: CWE-918 - Server-Side Request Forgery (SSRF)

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:L/SI:N/SA:N/E:U/U:Amber


The vulnerability allows a remote attacker to conduct server-side request forgery and disclose sensitive information.

The vulnerability exists due to improper hostname normalization in NO_PROXY rule evaluation when processing attacker-controlled request URLs. A remote attacker can supply a crafted URL using forms such as localhost. or [::1] to conduct server-side request forgery and disclose sensitive information.

Applications that rely on NO_PROXY entries for loopback or internal services are affected.
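The normalization gap described above, as an added example (not code from this bulletin or from pgadmin4), assuming a NO_PROXY syntax of comma-separated entries with leading-dot suffix rules and "*": a weak matcher that compares the host exactly as supplied beside a hardened one that canonicalizes both sides, so that localhost., [::1] and 0:0:0:0:0:0:0:1 receive the same decision as localhost and ::1.

```python
"""Added example, not code from the bulletin or from pgadmin4: NO_PROXY rule
evaluation with and without hostname canonicalization. The rule syntax
(comma list, leading-dot suffix rule, '*') is an assumption for this example."""
import ipaddress


def _entries(no_proxy: str) -> list[str]:
    """Split the NO_PROXY value into non-empty, whitespace-trimmed entries."""
    return [e.strip() for e in no_proxy.split(",") if e.strip()]


def normalize_host(host: str) -> str:
    """Canonical form of a hostname or IP literal for comparison."""
    h = host.strip().lower()
    if h.startswith("[") and h.endswith("]"):  # URL-style IPv6: '[::1]' -> '::1'
        h = h[1:-1]
    h = h.rstrip(".")  # fully qualified spelling: 'localhost.' -> 'localhost'
    try:
        h = str(ipaddress.ip_address(h))  # '0:0:0:0:0:0:0:1' -> '::1'
    except ValueError:
        pass  # not an IP literal; keep the hostname as-is
    return h


def naive_no_proxy_match(host: str, no_proxy: str) -> bool:
    """Weak form: raw comparison, so other spellings of loopback are missed."""
    return any(host == e for e in _entries(no_proxy))


def no_proxy_match(host: str, no_proxy: str) -> bool:
    """Hardened form: both the host and every rule are canonicalized first."""
    h = normalize_host(host)
    for entry in _entries(no_proxy):
        if entry == "*":
            return True
        if entry.startswith("."):  # domain suffix rule, e.g. '.internal'
            suffix = "." + normalize_host(entry.lstrip("."))
            if h == suffix[1:] or h.endswith(suffix):
                return True
        elif h == normalize_host(entry):
            return True
    return False


if __name__ == "__main__":
    rules = "localhost,::1,.internal"  # constructed sample NO_PROXY value
    for host in ("localhost.", "[::1]", "0:0:0:0:0:0:0:1", "db.internal."):
        print(f"{host:18} naive={naive_no_proxy_match(host, rules)!s:5} "
              f"normalized={no_proxy_match(host, rules)}")
```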


3) Code Injection (CVE-ID: CVE-2026-4800)

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber


The vulnerability allows a remote attacker to execute arbitrary code.

The vulnerability exists due to improper control of code generation in _.template when processing untrusted options.imports key names. A remote attacker can supply crafted imports key names to execute arbitrary code.

Code execution occurs at template compilation time. If Object.prototype has been polluted by another vector, inherited polluted keys can also be copied into the imports object and passed to Function().


4) Resource exhaustion (CVE-ID: CVE-2026-39865)

CWE-ID: CWE-400 - Resource exhaustion

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists because the HTTP/2 session cleanup logic contains a state corruption bug. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


Remediation

Install the update from the vendor's website.