Ibexa Digital Experience Platform vulnerabilities
3 known vulnerabilities affecting ibexa/digital_experience_platform.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1LOW1
Vulnerabilities
Page 1 of 1
CVE-2022-48367CRITICALCVSS 9.8≥ 3.3.0, < 3.3.18≥ 4.0.0, < 4.0.5+1 more2023-03-12
CVE-2022-48367 [CRITICAL] CWE-862 CVE-2022-48367: An issue was discovered in eZ Publish Ibexa Kernel before 7.5.28. Access control based on object sta
An issue was discovered in eZ Publish Ibexa Kernel before 7.5.28. Access control based on object state is mishandled.
nvd
CVE-2022-48365HIGHCVSS 7.2≥ 3.3.0, < 3.3.28≥ 4.2.0, < 4.2.32023-03-12
CVE-2022-48365 [HIGH] CWE-269 CVE-2022-48365: An issue was discovered in eZ Platform Ibexa Kernel before 1.3.26. The Company admin role gives exce
An issue was discovered in eZ Platform Ibexa Kernel before 1.3.26. The Company admin role gives excessive privileges.
nvd
CVE-2022-48366LOWCVSS 3.7≥ 3.3.0, < 3.3.20≥ 4.0.0, < 4.0.7+1 more2023-03-12
CVE-2022-48366 [LOW] CWE-362 CVE-2022-48366: An issue was discovered in eZ Platform Ibexa Kernel before 1.3.19. It allows determining account exi
An issue was discovered in eZ Platform Ibexa Kernel before 1.3.19. It allows determining account existence via a timing attack.
nvd