CVE-2023-45195

Publication date 24 June 2024

Last updated 4 August 2025

Ubuntu priority

Description

Adminer and AdminerEvo are vulnerable to SSRF via database connection fields. This could allow an unauthenticated remote attacker to enumerate or access systems the attacker would not otherwise have access to. Adminer is no longer supported, but this issue was fixed in AdminerEvo version 4.8.4.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
adminer	25.10 questing	Needs evaluation
	25.04 plucky	Ignored end of life, was needs-triage
	24.10 oracular	Ignored end of life, was needs-triage
	24.04 LTS noble	Vulnerable
	23.10 mantic	Ignored end of life, was needed
	22.04 LTS jammy	Vulnerable
	20.04 LTS focal	Vulnerable
	18.04 LTS bionic	Vulnerable
	16.04 LTS xenial	Vulnerable

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2023-45195
https://github.com/adminerevo/adminerevo/pull/102/commits/18f3167bbcbec3bc746f62db72e016aa99144efc

CVE-2023-45195

Description

Status

References

Other references

Access our resources on patching vulnerabilities