CVE-2022-48366

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-48366
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48366.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-48366
Aliases
Related
Published
2023-03-12T05:15:12.137Z
Modified
2026-03-14T15:00:48.751995Z
Severity
  • 3.7 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

An issue was discovered in eZ Platform Ibexa Kernel before 1.3.19. It allows determining account existence via a timing attack.

References

Affected packages

Git / github.com/ezsystems/ezcommerce

Affected ranges

Type
GIT
Repo
https://github.com/ezsystems/ezcommerce
Events
Introduced
14186b550123331f59ab9b85032dd96cde8ac9c8
Fixed
8a174a1d3dc4710b437f775ec1f4b021fe7b8624
Database specific 
{
    "versions": [
        {
            "introduced": "2.5.0"
        },
        {
            "fixed": "2.5.13"
        }
    ]
}
Type
GIT
Repo
https://github.com/ezsystems/ezplatform
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
645791e9fdbf7013c38139ec2f8cd3506fb22127
Introduced
cf8ed163c44ad383802b0e82b947b4fe3afdb5fa
Fixed
160a87d442c3509d9fd854ae84197d9bff2ff002
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.5.30"
        },
        {
            "introduced": "3.0.0"
        },
        {
            "fixed": "3.0.2"
        }
    ]
}
Type
GIT
Repo
https://github.com/ibexa/commerce
Events
Introduced
186cfa6d82e3564efca9b7686e00225cfe4430a1
Fixed
9038d2e14f408255c60a1daba6c53408adccbd01
Introduced
d0594cf367d09d1f0c3ad38fd1eb100f160570ee
Fixed
feae30c4f74ef67c8e3e28d52fe2b0642d15c566
Introduced
3ea957e34737af074b80b7ba3fb400b7d7a59550
Fixed
7a326018cdbb49d2fc427e062743e4cb75cc6406
Introduced
186cfa6d82e3564efca9b7686e00225cfe4430a1
Fixed
3036e2146db3dc99a99867b2d532352d37b39543
Introduced
d0594cf367d09d1f0c3ad38fd1eb100f160570ee
Fixed
feae30c4f74ef67c8e3e28d52fe2b0642d15c566
Introduced
3ea957e34737af074b80b7ba3fb400b7d7a59550
Fixed
7a326018cdbb49d2fc427e062743e4cb75cc6406
Introduced
d0594cf367d09d1f0c3ad38fd1eb100f160570ee
Fixed
feae30c4f74ef67c8e3e28d52fe2b0642d15c566
Introduced
3ea957e34737af074b80b7ba3fb400b7d7a59550
Fixed
7a326018cdbb49d2fc427e062743e4cb75cc6406
Database specific 
{
    "versions": [
        {
            "introduced": "3.3.0"
        },
        {
            "fixed": "3.3.18"
        },
        {
            "introduced": "4.0.0"
        },
        {
            "fixed": "4.0.7"
        },
        {
            "introduced": "4.1.0"
        },
        {
            "fixed": "4.1.4"
        },
        {
            "introduced": "3.3.0"
        },
        {
            "fixed": "3.3.20"
        },
        {
            "introduced": "4.0.0"
        },
        {
            "fixed": "4.0.7"
        },
        {
            "introduced": "4.1.0"
        },
        {
            "fixed": "4.1.4"
        },
        {
            "introduced": "4.0.0"
        },
        {
            "fixed": "4.0.7"
        },
        {
            "introduced": "4.1.0"
        },
        {
            "fixed": "4.1.4"
        }
    ]
}

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "1.3.0"
            },
            {
                "fixed": "1.3.27"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "2.3.0"
            },
            {
                "fixed": "2.3.19"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "1.3.0"
            },
            {
                "fixed": "1.3.19"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "7.5.0"
            },
            {
                "fixed": "7.5.29"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48366.json"