Ez Platform

ez_platform

Vendor: Ibexa • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-70363 1Ibexa 1Ez Platform Jun 2, 2026 Mar 6, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 Incorrect access control in the REST API of Ibexa & Ciril GROUP eZ Platform / Ciril Platform 2.x allows unauthenticated attackers to access sensitive data via enumerating object IDs.
CVE-2022-48366 1Ibexa 7Commerce Digital Experience PlatformEz Platform+4 more Mar 4, 2025 Mar 12, 2023 N/A· v4 3.7 LOW· v3 N/A· v2 An issue was discovered in eZ Platform Ibexa Kernel before 1.3.19. It allows determining account existence via a timing attack.
CVE-2022-48365 1Ibexa 3Digital Experience Platform Ez PlatformEz Platform Kernel Mar 4, 2025 Mar 12, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 An issue was discovered in eZ Platform Ibexa Kernel before 1.3.26. The Company admin role gives excessive privileges.