{"id":20742,"date":"2025-04-10T10:14:40","date_gmt":"2025-04-10T10:14:40","guid":{"rendered":""},"modified":"2025-10-28T02:24:09","modified_gmt":"2025-10-28T08:24:09","slug":"cve-2025-2945-critical-remote-code-execution-vulnerability-in-pgadmin-4","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-2945-critical-remote-code-execution-vulnerability-in-pgadmin-4\/","title":{"rendered":"CVE-2025-2945: Critical Remote Code Execution Vulnerability in pgAdmin 4"},"content":{"rendered":"<h2 class=\"\" data-start=\"171\" data-end=\"182\">Overview<\/h2>\n<p class=\"\" data-start=\"184\" data-end=\"303\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">CVE-2025-2945 is a critical remote code execution (RCE) vulnerability discovered in pgAdmin 4, a widely used open-source administration and management tool for PostgreSQL databases.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">This vulnerability allows authenticated attackers to execute arbitrary Python code on the server hosting pgAdmin 4, potentially leading to full system compromise.<\/span>\u200b<\/p>\n<p class=\"\" data-start=\"305\" data-end=\"386\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">The issue arises from the improper handling of user-supplied input in specific application components, where untrusted <a class=\"wpil_keyword_link\" title=\"data\" href=\"https:\/\/chat.ameeba.com\" data-wpil-keyword-link=\"linked\" data-wpil-monitor-id=\"29352\">data<\/a> is passed directly to Python&#8217;s <code class=\"\" data-line=\"\">eval()<\/code> function without adequate validation.<\/span><\/p>\n<h2 class=\"\" data-start=\"393\" data-end=\"417\">Vulnerability Summary<\/h2>\n<div class=\"group pointer-events-none relative flex justify-center *:pointer-events-auto\">\n<div class=\"tableContainer horzScrollShadows relative\">\n<table class=\"min-w-full\" data-start=\"419\" data-end=\"1075\">\n<thead data-start=\"419\" data-end=\"491\">\n<tr data-start=\"419\" data-end=\"491\">\n<th data-start=\"419\" data-end=\"444\">Field<\/th>\n<th data-start=\"444\" data-end=\"491\">Detail<\/th>\n<\/tr>\n<\/thead>\n<tbody data-start=\"565\" data-end=\"1075\">\n<tr data-start=\"565\" data-end=\"637\">\n<td class=\"max-w-[calc(var(--thread-content-max-width)*2\/3)]\" data-start=\"565\" data-end=\"590\"><strong data-start=\"567\" data-end=\"577\">CVE ID<\/strong><\/td>\n<td class=\"max-w-[calc(var(--thread-content-max-width)*2\/3)]\" data-start=\"590\" data-end=\"637\">CVE-2025-2945<\/td>\n<\/tr>\n<tr data-start=\"638\" data-end=\"710\">\n<td class=\"max-w-[calc(var(--thread-content-max-width)*2\/3)]\" data-start=\"638\" data-end=\"663\"><strong data-start=\"640\" data-end=\"652\">Severity<\/strong><\/td>\n<td class=\"max-w-[calc(var(--thread-content-max-width)*2\/3)]\" data-start=\"663\" data-end=\"710\">Critical (CVSS Score: 9.9)<\/td>\n<\/tr>\n<tr data-start=\"711\" data-end=\"783\">\n<td class=\"max-w-[calc(var(--thread-content-max-width)*2\/3)]\" data-start=\"711\" data-end=\"736\"><strong data-start=\"713\" data-end=\"730\">Attack Vector<\/strong><\/td>\n<td class=\"max-w-[calc(var(--thread-content-max-width)*2\/3)]\" data-start=\"736\" data-end=\"783\">Network<\/td>\n<\/tr>\n<tr data-start=\"784\" data-end=\"856\">\n<td class=\"max-w-[calc(var(--thread-content-max-width)*2\/3)]\" data-start=\"784\" data-end=\"809\"><strong data-start=\"786\" data-end=\"809\">Privileges Required<\/strong><\/td>\n<td class=\"max-w-[calc(var(--thread-content-max-width)*2\/3)]\" data-start=\"809\" data-end=\"856\">Low<\/td>\n<\/tr>\n<tr data-start=\"857\" data-end=\"929\">\n<td class=\"max-w-[calc(var(--thread-content-max-width)*2\/3)]\" data-start=\"857\" data-end=\"882\"><strong data-start=\"859\" data-end=\"879\">User Interaction<\/strong><\/td>\n<td class=\"max-w-[calc(var(--thread-content-max-width)*2\/3)]\" data-start=\"882\" data-end=\"929\">None<\/td>\n<\/tr>\n<tr data-start=\"930\" data-end=\"1002\">\n<td class=\"max-w-[calc(var(--thread-content-max-width)*2\/3)]\" data-start=\"930\" data-end=\"955\"><strong data-start=\"932\" data-end=\"942\">Impact<\/strong><\/td>\n<td class=\"max-w-[calc(var(--thread-content-max-width)*2\/3)]\" data-start=\"955\" data-end=\"1002\"><a href=\"https:\/\/www.ameeba.com\/blog\/cve-2024-45199-remote-code-execution-vulnerability-in-insightsoftware-hive-jdbc\/\"  data-wpil-monitor-id=\"29914\">Remote Code Execution<\/a><\/td>\n<\/tr>\n<tr data-start=\"1003\" data-end=\"1075\">\n<td class=\"max-w-[calc(var(--thread-content-max-width)*2\/3)]\" data-start=\"1003\" data-end=\"1028\"><strong data-start=\"1005\" data-end=\"1028\">Affected Components<\/strong><\/td>\n<td class=\"max-w-[calc(var(--thread-content-max-width)*2\/3)]\" data-start=\"1028\" data-end=\"1075\">Query Tool and <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-20286-critical-vulnerability-in-cloud-deployments-of-cisco-ise\/\"  data-wpil-monitor-id=\"59328\">Cloud Deployment<\/a> modules<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<hr class=\"\" data-start=\"1077\" data-end=\"1080\" \/>\n<h2 class=\"\" data-start=\"1082\" data-end=\"1102\">Affected Products<\/h2>\n<div class=\"group pointer-events-none relative flex justify-center *:pointer-events-auto\">\n<div class=\"tableContainer horzScrollShadows relative\">\n<table class=\"min-w-full\" data-start=\"1104\" data-end=\"1212\">\n<thead data-start=\"1104\" data-end=\"1138\">\n<tr data-start=\"1104\" data-end=\"1138\">\n<th data-start=\"1104\" data-end=\"1117\">Product<\/th>\n<th data-start=\"1117\" data-end=\"1138\">Affected Versions<\/th>\n<\/tr>\n<\/thead>\n<tbody data-start=\"1174\" data-end=\"1212\">\n<tr data-start=\"1174\" data-end=\"1212\">\n<td class=\"max-w-[calc(var(--thread-content-max-width)*2\/3)]\" data-start=\"1174\" data-end=\"1187\">pgAdmin 4<\/td>\n<td class=\"max-w-[calc(var(--thread-content-max-width)*2\/3)]\" data-start=\"1187\" data-end=\"1212\"><a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-3248-critical-code-injection-vulnerability-in-langflow-versions-prior-to-1-3-0\/\"  data-wpil-monitor-id=\"30405\">Versions prior<\/a> to 9.2<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<h2 class=\"\" data-start=\"1219\" data-end=\"1243\">How the Exploit Works<\/h2>\n<p class=\"\" data-start=\"1245\" data-end=\"1326\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">The <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-32567-critical-sql-injection-vulnerability-in-easy-post-duplicator\/\"  data-wpil-monitor-id=\"33181\">vulnerability exists in two POST<\/a> endpoints within pgAdmin 4:\u200b<\/p>\n<ol data-start=\"1328\" data-end=\"1563\">\n<li class=\"\" data-start=\"1328\" data-end=\"1452\">\n<p class=\"\" data-start=\"1331\" data-end=\"1452\"><strong data-start=\"1331\" data-end=\"1367\"><code class=\"\" data-line=\"\">\/sqleditor\/query_tool\/download<\/code><\/strong>: <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">The <code class=\"\" data-line=\"\">query_commited<\/code> parameter is directly passed to Python&#8217;s <code class=\"\" data-line=\"\">eval()<\/code> function without proper sanitization.<\/span>\u200b<\/p>\n<\/li>\n<li class=\"\" data-start=\"1454\" data-end=\"1563\">\n<p class=\"\" data-start=\"1457\" data-end=\"1563\"><strong data-start=\"1457\" data-end=\"1476\"><code class=\"\" data-line=\"\">\/cloud\/deploy<\/code><\/strong>: <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Similarly, the <code class=\"\" data-line=\"\">high_availability<\/code> parameter is unsafely evaluated using <code class=\"\" data-line=\"\">eval()<\/code>.<\/span>\u200b<\/p>\n<\/li>\n<\/ol>\n<p class=\"\" data-start=\"1565\" data-end=\"1650\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">By crafting malicious input for these parameters, an authenticated attacker can <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2024-41788-critical-code-execution-vulnerability-in-sentron-7kt-pac1260-data-manager\/\"  data-wpil-monitor-id=\"30682\">execute arbitrary Python code<\/a> on the server.<\/span>\u200b<\/p>\n<h2 class=\"\" data-start=\"1657\" data-end=\"1683\">Conceptual Code Example<\/h2>\n<p class=\"\" data-start=\"1685\" data-end=\"1770\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">An attacker could exploit the vulnerability by sending a crafted POST request to the vulnerable <a class=\"wpil_keyword_link\" title=\"endpoint\" href=\"https:\/\/www.ameeba.com\" data-wpil-keyword-link=\"linked\" data-wpil-monitor-id=\"29351\">endpoint<\/a>.<\/span>\u200b<\/p>\n<p class=\"\" data-start=\"1772\" data-end=\"1794\"><strong data-start=\"1772\" data-end=\"1794\">Example in Python:<\/strong><\/p>\n<div class=\"contain-inline-size rounded-md border-[0.5px] border-token-border-medium relative bg-token-sidebar-surface-primary\">\n<div class=\"overflow-y-auto p-4\" dir=\"ltr\"><code class=\"\" data-line=\"\">&lt;code class=&quot;whitespace-pre! language-python&quot;&gt;&lt;span class=&quot;hljs-keyword&quot;&gt;import&lt;\/span&gt; requests<\/code><\/code>url = <span class=\"hljs-string\">&#8220;http:\/\/target-server\/pgadmin4\/sqleditor\/query_tool\/download&#8221;<\/span><br \/>\ndata = {<br \/>\n<span class=\"hljs-string\">&#8216;query_commited&#8217;<\/span>: <span class=\"hljs-string\">&#8220;__import__(&#8216;os&#8217;).system(&#8216;whoami&#8217;)&#8221;<\/span><br \/>\n}<\/p>\n<p><code class=\"\" data-line=\"\">&lt;code class=&quot;whitespace-pre! language-python&quot;&gt;<\/code><\/code>response = requests.post(url, data=data)<br \/>\n<span class=\"hljs-built_in\">print<\/span>(response.text)<\/p>\n<\/div>\n<\/div>\n<p class=\"\" data-start=\"2069\" data-end=\"2154\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">In this example, the attacker leverages Python&#8217;s <code class=\"\" data-line=\"\">__import__<\/code> function to <\/code><a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-28137-critical-pre-auth-remote-command-execution-vulnerability-in-totolink-a810r\/\"  data-wpil-monitor-id=\"34758\">execute the <code class=\"\" data-line=\"\">whoami command&lt;\/a&gt; on the server.&lt;\/span&gt;\u200b&lt;\/p&gt;<\/p>\n<p>&lt;h2 class=&quot;&quot; data-start=&quot;2161&quot; data-end=&quot;2194&quot;&gt;Recommendations for Mitigation&lt;\/h2&gt;<br \/>\n&lt;p class=&quot;&quot; data-start=&quot;2196&quot; data-end=&quot;2248&quot;&gt;To mitigate the risks associated with CVE-2025-2945:&lt;\/p&gt;<\/p>\n<p>&lt;ul data-start=&quot;2250&quot; data-end=&quot;2690&quot;&gt;<br \/>\n \t&lt;li class=&quot;&quot; data-start=&quot;2250&quot; data-end=&quot;2359&quot;&gt;<br \/>\n&lt;p class=&quot;&quot; data-start=&quot;2252&quot; data-end=&quot;2359&quot;&gt;&lt;strong data-start=&quot;2252&quot; data-end=&quot;2272&quot;&gt;Update pgAdmin 4&lt;\/strong&gt;: &lt;span class=&quot;relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out&quot;&gt;Upgrade to version &lt;strong data-start=&quot;19&quot; data-end=&quot;26&quot;&gt;9.2&lt;\/strong&gt; or later, where the &lt;a href=&quot;https:\/\/www.ameeba.com\/blog\/cve-2025-4335-privilege-escalation-vulnerability-in-woocommerce-multiple-addresses-plugin-for-wordpress\/&quot;  data-wpil-monitor-id=&quot;43763&quot;&gt;vulnerability has been addressed&lt;\/a&gt;.&lt;\/span&gt;&lt;\/p&gt;<br \/>\n&lt;\/li&gt;<br \/>\n \t&lt;li class=&quot;&quot; data-start=&quot;2361&quot; data-end=&quot;2469&quot;&gt;<br \/>\n&lt;p class=&quot;&quot; data-start=&quot;2363&quot; data-end=&quot;2469&quot;&gt;&lt;strong data-start=&quot;2363&quot; data-end=&quot;2382&quot;&gt;Restrict Access&lt;\/strong&gt;: &lt;span class=&quot;relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out&quot;&gt;Limit &lt;a href=&quot;https:\/\/www.ameeba.com\/blog\/fortinet-s-fortigate-vulnerability-ssl-vpn-symlink-exploit-puts-user-access-at-risk-post-patching\/&quot;  data-wpil-monitor-id=&quot;30406&quot;&gt;access to pgAdmin 4 to trusted networks and users&lt;\/a&gt;.&lt;\/span&gt;\u200b&lt;\/p&gt;<br \/>\n&lt;\/li&gt;<br \/>\n \t&lt;li class=&quot;&quot; data-start=&quot;2471&quot; data-end=&quot;2580&quot;&gt;<br \/>\n&lt;p class=&quot;&quot; data-start=&quot;2473&quot; data-end=&quot;2580&quot;&gt;&lt;strong data-start=&quot;2473&quot; data-end=&quot;2493&quot;&gt;&lt;a href=&quot;https:\/\/www.ameeba.com\/blog\/cve-2025-30391-microsoft-dynamics-input-validation-vulnerability-leading-to-unauthorized-information-disclosure\/&quot;  data-wpil-monitor-id=&quot;42615&quot;&gt;Input Validation&lt;\/a&gt;&lt;\/strong&gt;: &lt;span class=&quot;relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out&quot;&gt;Ensure that all user inputs are properly validated and sanitized before processing.&lt;\/span&gt;\u200b&lt;\/p&gt;<br \/>\n&lt;\/li&gt;<br \/>\n \t&lt;li class=&quot;&quot; data-start=&quot;2582&quot; data-end=&quot;2690&quot;&gt;<br \/>\n&lt;p class=&quot;&quot; data-start=&quot;2584&quot; data-end=&quot;2690&quot;&gt;&lt;strong data-start=&quot;2584&quot; data-end=&quot;2603&quot;&gt;Monitor Systems&lt;\/strong&gt;: &lt;span class=&quot;relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out&quot;&gt;Implement monitoring to &lt;a href=&quot;https:\/\/www.ameeba.com\/blog\/demystifying-cybersecurity-indicators-the-power-of-iocs-iobs-and-ioas-in-threat-detection-and-prevention\/&quot;  data-wpil-monitor-id=&quot;42616&quot;&gt;detect any unusual activities that may indicate&lt;\/a&gt; exploitation attempts.&lt;\/span&gt;\u200b&lt;\/p&gt;<br \/>\n&lt;\/li&gt;<br \/>\n&lt;\/ul&gt;<br \/>\n&lt;h2 class=&quot;&quot; data-start=&quot;2697&quot; data-end=&quot;2721&quot;&gt;Timeline and Response&lt;\/h2&gt;<br \/>\n&lt;ul data-start=&quot;2723&quot; data-end=&quot;3046&quot;&gt;<br \/>\n \t&lt;li class=&quot;&quot; data-start=&quot;2723&quot; data-end=&quot;2824&quot;&gt;<br \/>\n&lt;p class=&quot;&quot; data-start=&quot;2725&quot; data-end=&quot;2824&quot;&gt;&lt;strong data-start=&quot;2725&quot; data-end=&quot;2737&quot;&gt;Reported&lt;\/strong&gt;: &lt;span class=&quot;relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out&quot;&gt;March 29, 2025&lt;\/span&gt;\u200b&lt;\/p&gt;<br \/>\n&lt;\/li&gt;<br \/>\n \t&lt;li class=&quot;&quot; data-start=&quot;2826&quot; data-end=&quot;2934&quot;&gt;<br \/>\n&lt;p class=&quot;&quot; data-start=&quot;2828&quot; data-end=&quot;2934&quot;&gt;&lt;strong data-start=&quot;2828&quot; data-end=&quot;2847&quot;&gt;Patched Release&lt;\/strong&gt;: &lt;span class=&quot;relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out&quot;&gt;April 4, 2025 (pgAdmin 4 version 9.2)&lt;\/span&gt;\u200b&lt;\/p&gt;<br \/>\n&lt;\/li&gt;<br \/>\n \t&lt;li class=&quot;&quot; data-start=&quot;2936&quot; data-end=&quot;3046&quot;&gt;<br \/>\n&lt;p class=&quot;&quot; data-start=&quot;2938&quot; data-end=&quot;3046&quot;&gt;&lt;strong data-start=&quot;2938&quot; data-end=&quot;2959&quot;&gt;Public Disclosure&lt;\/strong&gt;: &lt;span class=&quot;relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out&quot;&gt;April 7, 2025&lt;\/span&gt;\u200b&lt;\/p&gt;<br \/>\n&lt;\/li&gt;<br \/>\n&lt;\/ul&gt;<br \/>\n&lt;h2 class=&quot;&quot; data-start=&quot;3053&quot; data-end=&quot;3072&quot;&gt;Closing Thoughts&lt;\/h2&gt;<br \/>\n&lt;p class=&quot;&quot; data-start=&quot;3074&quot; data-end=&quot;3239&quot;&gt;&lt;span class=&quot;relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out&quot;&gt;CVE-2025-2945 highlights the &lt;a href=&quot;https:\/\/www.ameeba.com\/blog\/cve-2025-53529-critical-sql-injection-vulnerability-in-wegia-web-manager\/&quot;  data-wpil-monitor-id=&quot;91566&quot;&gt;critical importance of proper input handling and validation in web&lt;\/a&gt; applications.&lt;\/span&gt; &lt;span class=&quot;relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out&quot;&gt;The use of functions like &lt;code data-start=&quot;26&quot; data-end=&quot;34&quot;&gt;eval()<\/code> with untrusted input can <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2024-0576-critical-vulnerability-in-totolink-lr1200gb-leading-to-potential-system-compromise\/\"  data-wpil-monitor-id=\"29372\">lead to severe security vulnerabilities<\/a>.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Organizations using pgAdmin 4 should promptly update to the latest version and review their <a href=\"https:\/\/www.ameeba.com\/blog\/nsa-issues-guidance-on-fast-flux-a-rising-national-security-threat\/\"  data-wpil-monitor-id=\"29657\">security practices to prevent similar issues<\/a>.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Overview CVE-2025-2945 is a critical remote code execution (RCE) vulnerability discovered in pgAdmin 4, a widely used open-source administration and management tool for PostgreSQL databases. This vulnerability allows authenticated attackers to execute arbitrary Python code on the server hosting pgAdmin 4, potentially leading to full system compromise.\u200b The issue arises from the improper handling of [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"footnotes":""},"categories":[1],"tags":[],"vendor":[],"product":[],"attack_vector":[80],"asset_type":[],"severity":[],"exploit_status":[],"class_list":["post-20742","post","type-post","status-publish","format-standard","hentry","category-uncategorized","attack_vector-rce"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/20742","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/comments?post=20742"}],"version-history":[{"count":22,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/20742\/revisions"}],"predecessor-version":[{"id":84732,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/20742\/revisions\/84732"}],"wp:attachment":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/media?parent=20742"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/categories?post=20742"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/tags?post=20742"},{"taxonomy":"vendor","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/vendor?post=20742"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/product?post=20742"},{"taxonomy":"attack_vector","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/attack_vector?post=20742"},{"taxonomy":"asset_type","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/asset_type?post=20742"},{"taxonomy":"severity","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/severity?post=20742"},{"taxonomy":"exploit_status","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/exploit_status?post=20742"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}