Security Advisories - ezsystems/ezpublish-kernel - Packagist

ezsystems/ezpublish-kernel Security Advisories for v6.10.0-beta1 (3)

[MEDIUM] eZ Platform REST API returns list of all SiteAccesses

PKSA-jv5q-gq3v-6ywm GHSA-9wwx-c723-vm8x

Affected version: >=5.3.0,<5.3.12.1|>=5.4.0,<5.4.13.1|>=6.0.0,<6.7.9.1|>=6.8.0,<6.13.5.1|>=7.0.0,<7.2.4.1|>=7.3.0,<7.3.2.1

Reported by:
GitHub
[CRITICAL] eZ Publish Kernel and Legacy Unrestricted Upload of File with Dangerous Type

PKSA-b5bw-6hbd-8dsn CVE-2020-10806 GHSA-54p5-gxq6-j98g

Affected version: >=7.0,<7.5.6.2|>=6.0,<6.13.6.2|<5.4.14.1

Reported by:
GitHub
[HIGH] EZSA-2018-008 REST API returns list of all SiteAccesses

PKSA-wb2t-56n4-3vbm GHSA-44m4-9cjp-j587

Affected version: >=7.3.0,<7.3.2.1|>=7.0.0,<7.2.4.1|>=6.8.0,<6.13.5.1|>=6.0.0,<6.7.9.1|>=5.4.0,<5.4.13.1|>=5.3.0,<5.3.12.1

Reported by:
FriendsOfPHP/security-advisories, GitHub