CVE-2022-48367
An issue in eZ Publish Ibexa Kernel prior to 7.5.28 permits improper access control based on object state, leading to potential unauthorized access. CVSS v3.1 base score 9.8 (CRITICAL); attack vector NETWORK, no user interaction. A remediation is to upgrade to 7.5.28 or later per the associated a...
CVE-2022-48366
CVE-2022-48366 affects eZ Platform Ibexa Kernel prior to 1.3.19, enabling an attacker to determine whether an account exists via a timing attack (remote, no auth, no user interaction). The CVSS v3.1 vector indicates network access, high attack complexity, and no privileges required, with a low co...