PT-2025-46821 · Pgadmin · Pgadmin
Published 2025-11-05 · Updated 2026-01-05 · CVE-2025-12764
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
pgAdmin versions prior to 9.9
Description
The software is susceptible to an LDAP injection issue within the LDAP authentication process. An attacker can inject specific LDAP characters into the username field. This manipulation forces the Directory Controller/LDAP server and the client to process an excessive amount of data, potentially leading to a denial-of-service (DoS) condition.
Recommendations
Update to a version newer than 9.9.
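For deployments that build their own LDAP search filters from a login name, the general defence against the injection described above is to escape the value per RFC 4515 before it reaches the filter. The following is an added example, not pgAdmin's code or its patch; the `uid` attribute, the length limit and all function names are assumptions.

```python
# Added illustration: RFC 4515 escaping of a user-supplied value before it is
# placed in an LDAP search filter. Not pgAdmin's code or its actual patch.

# Characters RFC 4515 requires to be escaped inside an assertion value.
_FILTER_ESCAPES = {
    "\\": r"\5c",
    "*": r"\2a",
    "(": r"\28",
    ")": r"\29",
    "\x00": r"\00",
}

MAX_USERNAME_LEN = 256  # assumed limit; tune to your directory's naming policy


def escape_filter_value(value: str) -> str:
    """Return value with every LDAP filter metacharacter hex-escaped."""
    # Character-by-character mapping, so an escaped backslash is never
    # escaped a second time.
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def build_user_filter(username: str, attribute: str = "uid") -> str:
    """Build an equality filter that can only match one literal username.

    The attribute name is an assumption; use whatever your deployment
    searches on.
    """
    if not username or len(username) > MAX_USERNAME_LEN:
        raise ValueError("username empty or too long")
    return f"({attribute}={escape_filter_value(username)})"


def build_user_filter_unsafe(username: str, attribute: str = "uid") -> str:
    """The pattern to avoid: raw interpolation lets metacharacters through."""
    return f"({attribute}={username})"


if __name__ == "__main__":
    # Constructed sample inputs, not taken from any real incident.
    for name in ["alice", "j*", "smith (contractor)", "dom\\user"]:
        print(f"{name!r:22} unsafe={build_user_filter_unsafe(name):28} "
              f"safe={build_user_filter(name)}")
```

With escaping in place, a metacharacter in the username is matched as a literal character rather than widening the search the directory server has to evaluate.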
Fix
DoS
Affected Products
Pgadmin