ezsystems/ezpublish-legacy vulnerabilities

eZ Publish LegacyStack (4.x)

Latest version: v2018.09.4

View on Packagist.org
Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the ezsystems/ezpublish-legacy package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable versions Snyk patch Published
  • H
Deserialization of Untrusted Data
>=5.4.0, <5.4.12.3,>=5.3.0, <5.3.12.6,>=2011.0.0, <2017.12.4.3,>=2018.6.0, <2018.6.1.4,>=2018.9.0, <2018.9.1.3 Not available 29 Nov, 2018
  • M
Authentication Bypass
>=5.4.0, <5.4.12.1,>=2017.12.0, <2017.12.4.1,>=5.3.0, <5.3.12.4,>=2018.6.0, <2018.6.1.2,>=2018.9.0, <2018.9.1.1 Not available 04 Nov, 2018
  • M
Cross-site Scripting (XSS)
>=5.3.0, <5.3.12.5,>=5.4.0, <5.4.12.2,>=2017.12.0, <2017.12.4.2,>=2018.6.0, <2018.6.1.3,>=2018.9.0, <2018.9.1.2 Not available 04 Nov, 2018
  • M
Cross-Site Scripting (XSS)
<2017.08.0 Not available 06 Feb, 2018
  • M
Information Exposure
>=2017.8.0, <2017.8.1.1,>=5.4.0, <5.4.10.1,>=5.3.0, <5.3.12.2 Not available 21 Aug, 2017
  • M
Cross-site Scripting (XSS)
>=5.4.0, <5.4.10,>=5.3.0, <5.3.12.1 Not available 18 Aug, 2017