pkg:Packagist/ezsystems/ezpublish-kernel

10 total CVEsCRITICAL3HIGH2MEDIUM2LOW2

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2022-48367Access control issue in ezsystems/ezpublish-kernel
    >= 7.5.0, < 7.5.28
  • CRITICAL9.8CVE-2020-10806eZ Publish Kernel and Legacy Unrestricted Upload of File with Dangerous Type
    from 0, < 5.4.14.1
  • CRITICAL9.8CVE-2022-25337Code injection in ezsystems/ezpublish-kernel
    >= 7.5.0, < 7.5.26
  • HIGH7.2CVE-2022-48365eZ Platform users with the Company admin role can assign any role to any user
    >= 7.5.0, < 7.5.30
  • HIGH7.2CVE-2022-48365eZ Platform users with the Company admin role can assign any role to any user
    >= 7.5.0, < 7.5.30
  • MEDIUM5.3CVE-2021-46876/user/sessions endpoint allows detecting valid accounts
    >= 6.13.0, < 6.13.8.1
  • MEDIUM5.3CVE-2021-46876/user/sessions endpoint allows detecting valid accounts
    >= 6.13.0, < 6.13.8.1
  • LOW3.7CVE-2022-48366Login timing attack in ezsystems/ezpublish-kernel
    >= 7.5.0, < 7.5.29
  • LOW3.7CVE-2022-48366Login timing attack in ezsystems/ezpublish-kernel
    >= 7.5.0, < 7.5.29
  • CVE-2021-46875Cross-site scripting in eZ Platform Kernel
    from 0, < 6.13.8.2