Vulnerabilities > Ibexa > EZ Platform Kernel > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-03-12 CVE-2022-48367 Missing Authorization vulnerability in Ibexa products
An issue was discovered in eZ Publish Ibexa Kernel before 7.5.28.
network
low complexity
ibexa CWE-862
critical
 9.8
9.8
2022-02-18 CVE-2022-25337 Injection vulnerability in Ibexa EZ Platform Kernel
Ibexa DXP ezsystems/ezpublish-kernel 7.5.x before 7.5.26 and 1.3.x before 1.3.12 allows injection attacks via image filenames.
network
low complexity
ibexa CWE-74
critical
 9.8
9.8