GHSA-66m4-gc8h-hpjx, CVE-2022-48366
packagist/ezsystems/ezplatform-kernel
Timing attack in eZ Platform Ibexa
An issue was discovered in eZ Platform Ibexa Kernel before 1.3.19. It allows determining account existence via a timing attack.
All versions starting from 1.3.0 before 1.3.19
Upgrade to version 1.3.19 or above.
2023-03-16
source |