Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

packagist

ezsystems/ezpublish-kernel

packagist · Kernel used by ezsystems/ezplatform and derivatives. Provides the Content Repository, its APIs, and the application's Symfony framework integration. · Repository · Package

Security Advisories for ezsystems/ezpublish-kernel in packagist

High
over 1 year ago

eZ Platform Object Injection in SiteAccessMatchListener GSA_kwCzR0hTQS02NHZqLTkzM2YtNnBtM84AA8Ht

packagist ezsystems/ezpublish-kernel
High
over 1 year ago

eZ Publish Remote code execution in file uploads GSA_kwCzR0hTQS0zdndyLWpqNGYtaDk4eM4AA8Hq

packagist ezsystems/ezpublish-kernel
Moderate
over 1 year ago

eZ Platform REST API returns list of all SiteAccesses GSA_kwCzR0hTQS05d3d4LWM3MjMtdm04eM4AA8Ho

packagist ezsystems/ezpublish-kernel
Low
almost 2 years ago

Download route allows filename change in eZpublish kernel GSA_kwCzR0hTQS05NDZjLWY5dzYtMmMyNc4AA26n

packagist ezsystems/ezpublish-kernel
Moderate
over 2 years ago

User account enumeration in eZ Publish Ibexa Kernel GSA_kwCzR0hTQS04OXAzLTlqOGMtZnFoNM4AAyDu

packagist ezsystems/ezpublish-kernel
Moderate
over 2 years ago

Cross Site Scripting in eZ Platform Ibexa Kernel GSA_kwCzR0hTQS1jNzM3LWpod3ItZnF4as4AAyDx

packagist ezsystems/ezplatform-kernel, ezsystems/ezpublish-kernel
Critical
over 2 years ago

Access control issue in ezsystems/ezpublish-kernel GSA_kwCzR0hTQS1oNXYyLXdyaHAtNXYzNc4AAyDv

packagist ezsystems/ezpublish-kernel
High
over 2 years ago

Company admin role gives excessive privileges in eZ Platform Ibexa GSA_kwCzR0hTQS1xcTJqLTlwZjgtZzU4Y84AAyDw

packagist ezsystems/ezplatform-kernel, ezsystems/ezpublish-kernel
Low
over 2 years ago

Timing attack in eZ Platform Ibexa GSA_kwCzR0hTQS02Nm00LWdjOGgtaHBqeM4AAyDt

packagist ezsystems/ezpublish-kernel, ezsystems/ezplatform-kernel
Critical
almost 3 years ago

eZ Platform users with the Company admin role can assign any role to any user GSA_kwCzR0hTQS05OXIzLXhtbXEtN3E3Z84AAv0h

packagist ezsystems/ezpublish-kernel
Critical
over 3 years ago

Login timing attack in ezsystems/ezpublish-kernel GSA_kwCzR0hTQS14ZnFnLXA0OGctaGg5NM4AArUB

packagist ezsystems/ezpublish-kernel
Critical
over 3 years ago

eZ Publish Kernel and Legacy Unrestricted Upload of File with Dangerous Type GSA_kwCzR0hTQS01NHA1LWd4cTYtajk4Z84AAj_C

packagist ezsystems/ezpublish-legacy, ezsystems/ezpublish-kernel
Critical
over 3 years ago

Object state limitation has no effect GSA_kwCzR0hTQS01eDRmLTd4Z3EtcjQyeM1REw

packagist ezsystems/ezpublish-kernel
Critical
over 3 years ago

Code injection in ezsystems/ezpublish-kernel GSA_kwCzR0hTQS14d3Y2LXY3cXgtZjVqY80tiQ

packagist ezsystems/ezpublish-kernel
High
over 3 years ago

IBX-1392: Image filenames sanitization GSA_kwCzR0hTQS00NG00LTljanAtajU4N80kcg

packagist ezsystems/ezpublish-kernel
High
over 4 years ago

Cross-site scripting in eZ Platform Kernel MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1ydmotN3E0Zi01cDQy

packagist ezsystems/ezplatform-kernel, ezsystems/ezpublish-kernel
High
over 4 years ago

/user/sessions endpoint allows detecting valid accounts MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdtcmYtOTlndy12dndq

packagist ezsystems/ezpublish-kernel

Filter by Severity

High 6 Critical 6 Moderate 3 Low 2