CVE-2023-45196

Publication date 24 June 2024

Last updated 4 August 2025

Ubuntu priority

Description

Adminer and AdminerEvo allow an unauthenticated remote attacker to cause a denial of service by connecting to an attacker-controlled service that responds with HTTP redirects. The denial of service is subject to PHP configuration limits. Adminer is no longer supported, but this issue was fixed in AdminerEvo version 4.8.4.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
adminer	26.04 LTS resolute	Not affected
	25.10 questing	Not affected
	25.04 plucky	Not affected
	24.10 oracular	Not affected
	24.04 LTS noble	Needs evaluation
	22.04 LTS jammy	Needs evaluation
	20.04 LTS focal	Ignored end of standard support, was needs-triage
	18.04 LTS bionic	Needs evaluation
	16.04 LTS xenial	Needs evaluation

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2023-45196
https://github.com/adminerevo/adminerevo/commit/bc44e5f676b3ff249acd97ed9835305469d55bfa (v4.8.4)

CVE-2023-45196

Description

Status

References

Other references

Access our resources on patching vulnerabilities