-
-
Notifications
You must be signed in to change notification settings - Fork 1
/
phpmyadmin.html
123 lines (115 loc) · 6.46 KB
/
phpmyadmin.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
<!doctype html>
<html lang="en-AU" xml:lang="en-AU" dir="ltr">
<head>
<meta charset="utf-8" />
<meta property="og:title" content="Vulnerability Charts – phpMyAdmin" />
<meta property="og:description" content="A chart of which phpMyAdmin versions are safe/unsafe, and their CVSS." />
<meta property="og:image" content="https://maikuolan.github.io/Vulnerability-Charts/vcharts.png" />
<meta property="og:url" content="https://maikuolan.github.io/Vulnerability-Charts/phpmyadmin.html" />
<link rel="stylesheet" href="styles.css" />
<title>Vulnerability Charts</title>
</head>
<body>
<div class="co"><div class="ci">
<hr />
<h1>Vulnerability Charts</h1>
<p><em>Last modified: <time datetime="2023-04-15">2023.04.15</time> (checked on 2024.10.27; no changes since last modified)</em></p>
<p><em>
CVSS values listed are those of the highest scoring CVEs for any listed version.
The highest possible score is <span class="xr"><strong>10.0</strong></span>, indicating that a version is considered
to be <span class="xr"><strong>❌ extremely unsafe</strong></span>. The lowest possible score is
<span class="xg"><strong>0.0</strong></span>, indicating that a version is <strong><em>currently</em></strong>
considered to be <span class="xg"><strong>✔️ safe</strong></span> (although, other designations are possible,
depending on other factors, such as whether the product has reached EoL, is still actively supported, is still under
development and therefore whether it's ready to be used in a production environment and etc).<br />
<br />
Versions will also be marked as either <span class="xg"><strong>✔️ safe</strong></span> or
<span class="xr"><strong>❌ unsafe</strong></span> accordingly, or as
<span class="xb"><strong>➖ in development</strong></span> (versions marked as in development may be safe, but aren't
yet considered to be ready for a production environment, or may have a changing codebase, which therefore can't yet
be predicated as either safe or unsafe), or as <span class="xo"><strong>〰️ disputed</strong></span> (CVEs exist, and
there are sources which identify the version as unsafe, but the CVE or unsafe designation may be disputed, either by
the vendor itself or alternative sources).<br />
<br />
Please note that a <span class="xg"><strong>✔️ safe</strong></span> designation does <span class="xr"><strong>NOT</strong></span> mean that the designated versions are <strong>free from bugs and errors</strong>!
When a new "patch release" becomes available, in general, these patch releases rectify various problems, bugs and so forth which could be encountered when using outdated versions from prior to the particular patch release.
As such, using the latest version for any particular branch is always advised in favour of using older, outdated versions.<br />
<br />
If you find any errors, would like to add to the list or make some changes, please send a pull request to the <a href="https://github.com/Maikuolan/Vulnerability-Charts">GitHub repository</a> for this page.<br />
Licensing (for this repository): <a href="https://github.com/Maikuolan/Vulnerability-Charts/blob/gh-pages/LICENSE.txt">MIT License</a> (feel free to copy and adapt it if you want).
</em></p>
<hr />
<table>
<tr>
<td colspan="2"></td>
<td class="h1t">CVSS</td>
<td class="h1">Safe?</td>
<td class="h1">Notes</td>
</tr>
<tr>
<td class="h1l" rowspan="8"><span class="tb"><a href="https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=phpMyAdmin">phpMyAdmin versions</a></span></td>
<td class="h2">phpMyAdmin 5.2.1<br /><small>(2023.02.08)</small></td>
<td class="h2"><span class="xg">0.0</span></td>
<td class="h2"><span class="xg">✔️</span></td>
<td class="h2">
(5.2.1 is the current latest version on the 5x branch).<br />
<small>Anything earlier than this version should be considered <span class="xr">❌ unsafe</span>.</small>
</td>
</tr>
<tr>
<td class="h2">phpMyAdmin 5.0.3 – 5.2.0<br /><small>(2020.10.10 – 2022.05.11)</small></td>
<td class="h2"><span class="xo">5.4~6.1</span></td>
<td class="h2"><span class="xr">❌</span></td>
<td class="h2">
<small>See: <a href="https://www.phpmyadmin.net/security/PMASA-2023-1/">PMASA-2023-1</a>, <a href="https://www.phpmyadmin.net/security/PMASA-2022-1/">PMASA-2022-1</a>, <a href="https://www.phpmyadmin.net/security/PMASA-2022-2/">PMASA-2022-2</a>.</small>
</td>
</tr>
<tr>
<td class="h2">phpMyAdmin 5.0.0 – 5.0.2<br /><small>(2019.12.26 – 2020.03.21)</small></td>
<td class="h2"><span class="xr">6.1~8.8</span></td>
<td class="h2"><span class="xr">❌</span></td>
<td class="h2">
<small>See: <a href="https://www.phpmyadmin.net/security/PMASA-2020-5/">PMASA-2020-5</a>, <a href="https://vulners.com/openvas/OPENVAS:1361412562310143347">PMASA-2020-1</a>, <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-5504">CVE-2020-5504</a>.</small>
</td>
</tr>
<tr>
<td class="h2 eol">phpMyAdmin 4.9.11<br /><small>(2023.02.08)</small></td>
<td class="h2 eol"><span class="xg">0.0</span></td>
<td class="h2 eol"><span class="xg">✔️</span></td>
<td class="h2 eol">
(4.9.11 is the final version on the 4x branch).<br />
</td>
</tr>
<tr>
<td class="h2 eol">phpMyAdmin 4.9.8 – 4.9.10<br /><small>(2022.01.22 – 2022.02.11)</small></td>
<td class="h2 eol"><span class="xo">5.4</span></td>
<td class="h2 eol"><span class="xr">❌</span></td>
<td class="h2 eol"></td>
</tr>
<tr>
<td class="h2 eol">phpMyAdmin 4.9.6 – 4.9.7<br /><small>(2020.10.10 – 2020.10.15)</small></td>
<td class="h2 eol"><span class="xr">4.3~8.8</span></td>
<td class="h2 eol"><span class="xr">❌</span></td>
<td class="h2 eol">
<small>See: <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-22278">CVE-2020-22278</a></small>
</td>
</tr>
<tr>
<td class="h2 eol">phpMyAdmin 4.9.5<br /><small>(2020.03.21)</small></td>
<td class="h2 eol"><span class="xr">6.1~8.8</span></td>
<td class="h2 eol"><span class="xr">❌</span></td>
<td class="h2 eol">
<small>See: <a href="https://www.phpmyadmin.net/security/PMASA-2020-5/">PMASA-2020-5</a></small>
</td>
</tr>
<tr>
<td class="h2 eol">phpMyAdmin <= 4.9.4<br /><small>(<= 2020.01.08)</small></td>
<td class="h2 eol"><span class="xr">8.8~10.0</span></td>
<td class="h2 eol"><span class="xr">❌</span></td>
<td class="h2 eol"></td>
</tr>
</table>
<hr />
</div></div>
</body>
</html>