CVE-2022-48366

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-48366
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48366.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-48366
Aliases
Withdrawn
2024-09-03T04:41:21.598007Z
Published
2023-03-12T05:15:12Z
Modified
2024-09-03T04:56:51.321380Z
Severity
  • 3.7 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

An issue was discovered in eZ Platform Ibexa Kernel before 1.3.19. It allows determining account existence via a timing attack.

References

Affected packages

Git / github.com/ezsystems/ezplatform

Affected ranges

Type
GIT
Repo
https://github.com/ezsystems/ezplatform
Events
Introduced
cf8ed163c44ad383802b0e82b947b4fe3afdb5fa
Fixed
160a87d442c3509d9fd854ae84197d9bff2ff002
Type
GIT
Repo
https://github.com/ezsystems/ezplatform-ee
Events
Introduced
f47ba0ace4944548a89bc4587e3f52d780f65607
Fixed
fc53022cc4813441ed506078cb2cd53129989db0
Type
GIT
Repo
https://github.com/ezsystems/jmspaymentcorebundle
Events
Introduced
5a316496d0864d30141b2a168c8c868cd421c5a4
Fixed
0321be452b53c9981047e5259c0e7bc9fd73d28d
Type
GIT
Repo
https://github.com/ibexa/commerce
Events
Introduced
d0594cf367d09d1f0c3ad38fd1eb100f160570ee
Fixed
feae30c4f74ef67c8e3e28d52fe2b0642d15c566