Security Audit v2.0.12

Language
- English
- Français
Login / Register

prod

Ibexa OSS 4.6

34 vulnerabilities has been found

6 abandonned packages has been found

Last analyse : 6 days ago

No result.

34 vulnerabilities has been found

#	Total	C	H	M	L
Composer	26	0	13	8	5	0
Php	8	1	3	2	1	1

Composer

5 ibexa/admin-ui —— v4.6.7 +

high XSS in fields used in the Content name pattern

Affected versions : v4.0.0,v4.0.8|v4.1.0,v4.1.5|v4.2.0,v4.2.4|v4.3.0,v4.3.5|v4.4.0,v4.4.4|v4.5.0,v4.5.7|v4.6.0,v4.6.13
Patched versions : v4.6.14
https://developers.ibexa.co/security-advisories/ibexa-sa-2024-006-vulnerabilities-in-content-name-pattern-commerce-shop-and-varnish-vhost-templates

Reported 11/28/24

IBEXA-SA-2024-006

high XSS vulnerabilities in back office

Affected versions : v4.6.0,v4.6.20
Patched versions : v4.6.21
https://developers.ibexa.co/security-advisories/ibexa-sa-2025-003-xss-vulnerabilities-in-back-office

Reported 6/11/25

IBEXA-SA-2025-003

medium Ibexa Admin UI XSS vulnerabilities in back office

Affected versions : >=4.6.0-beta1,<4.6.21
Patched versions : 4.6.21
https://github.com/advisories/GHSA-5r6x-g6jv-4v87

Reported 6/13/25

medium Ibexa Admin UI vulnerable to DOM-based Cross-site Scripting in file upload widget

Affected versions : >=4.6.0-beta1,<4.6.9
Patched versions : 4.6.9
https://github.com/advisories/GHSA-qm44-wjm2-pr59

Reported 7/31/24

CVE-2024-39318

medium Ibexa Admin UI vulnerable to Cross-site Scripting in a field that is used in the Content name pattern

Affected versions : >=4.6.0,<4.6.14
Patched versions : 4.6.14
https://github.com/advisories/GHSA-8w3p-gf85-qcch

Reported 12/2/24

CVE-2024-53864

5 ibexa/fieldtype-richtext —— v4.6.7 +

high XXE vulnerability in RichText

Affected versions : v4.6.0,v4.6.18
Patched versions : v4.6.19
https://developers.ibexa.co/security-advisories/ibexa-sa-2025-002-xxe-vulnerability-in-richtext

Reported 4/9/25

IBEXA-SA-2025-002

high XSS vulnerabilities in back office

Affected versions : v4.6.0,v4.6.20
Patched versions : v4.6.21
https://developers.ibexa.co/security-advisories/ibexa-sa-2025-003-xss-vulnerabilities-in-back-office

Reported 6/11/25

IBEXA-SA-2025-003

high Persistent Cross-site Scripting in Ibexa RichText Field Type

Affected versions : >=4.6.0,<4.6.10
Patched versions : 4.6.10
https://github.com/advisories/GHSA-hvcf-6324-cjh7

Reported 8/14/24

CVE-2024-43369

high ibexa/fieldtype-richtext allows access to external entities in XML

Affected versions : >=4.6.0-beta1,<4.6.19
Patched versions : 4.6.19
https://github.com/advisories/GHSA-cj3w-g42v-wcj6

Reported 4/10/25

medium Ibexa RichText Field Type XSS vulnerabilities in back office

Affected versions : >=4.6.0-beta1,<4.6.21
Patched versions : 4.6.21
https://github.com/advisories/GHSA-9qv6-4pwm-m68f

Reported 6/13/25

3 twig/twig —— v3.10.3 +

high Twig has a possible sandbox bypass

Affected versions : >=3.0.0,<3.14.0|>=2.0.0,<2.16.1|>=1.0.0,<1.44.8
Patched versions : 1.44.8 2.16.1 3.14.0
https://github.com/advisories/GHSA-6j75-5wfj-gh66

Reported 9/9/24

CVE-2024-45411

low Unguarded calls to __isset() and to array-accesses when the sandbox is enabled

Affected versions : >=1.0.0,<2.0.0|>=2.0.0,<3.0.0|>=3.0.0,<3.11.2|>=3.12.0,<3.14.1
Patched versions : 3.11.2 3.14.1
https://symfony.com/blog/unguarded-calls-to-__isset-and-to-array-accesses-when-the-sandbox-is-enabled

Reported 11/6/24

CVE-2024-51755

low Unguarded calls to __toString() when nesting an object into an array

Reported 11/6/24

CVE-2024-51754

1 symfony/http-foundation —— v5.4.40 +

low CVE-2024-50345: Open redirect via browser-sanitized URLs

Affected versions : >=2.0.0,<3.0.0|>=3.0.0,<4.0.0|>=4.0.0,<5.0.0|>=5.0.0,<5.1.0|>=5.1.0,<5.2.0|>=5.2.0,<5.3.0|>=5.3.0,<5.4.0|>=5.4.0,<5.4.46|>=6.0.0,<6.1.0|>=6.1.0,<6.2.0|>=6.2.0,<6.3.0|>=6.3.0,<6.4.0|>=6.4.0,<6.4.14|>=7.0.0,<7.1.0|>=7.1.0,<7.1.7
Patched versions : 5.4.46 6.4.14 7.1.7 5.4.46 6.4.14 7.1.7
https://symfony.com/cve-2024-50345

Reported 11/5/24

CVE-2024-50345

1 symfony/process —— v5.4.40 +

high CVE-2024-51736: Command execution hijack on Windows with Process class

Reported 11/5/24

CVE-2024-51736

1 symfony/runtime —— v5.4.40 +

medium CVE-2024-50340: Ability to change environment from query

Affected versions : >=5.3.0,<5.4.0|>=5.4.0,<5.4.46|>=6.0.0,<6.1.0|>=6.1.0,<6.2.0|>=6.2.0,<6.3.0|>=6.3.0,<6.4.0|>=6.4.0,<6.4.14|>=7.0.0,<7.1.0|>=7.1.0,<7.1.7
Patched versions : 5.4.46 6.4.14 7.1.7 5.4.46 6.4.14 7.1.7
https://symfony.com/cve-2024-50340

Reported 11/5/24

CVE-2024-50340

1 symfony/http-client —— v5.4.40 +

low CVE-2024-50342: Internal address and port enumeration allowed by NoPrivateNetworkHttpClient

Affected versions : >=4.3.0,<4.4.0|>=4.4.0,<5.0.0|>=5.0.0,<5.1.0|>=5.1.0,<5.2.0|>=5.2.0,<5.3.0|>=5.3.0,<5.4.0|>=5.4.0,<5.4.46|>=6.0.0,<6.1.0|>=6.1.0,<6.2.0|>=6.2.0,<6.3.0|>=6.3.0,<6.4.0|>=6.4.0,<6.4.14|>=7.0.0,<7.1.0|>=7.1.0,<7.1.7
Patched versions : 5.4.46 6.4.14 7.1.7 5.4.46 6.4.14 7.1.7
https://symfony.com/cve-2024-50342

Reported 11/5/24

CVE-2024-50342

1 symfony/validator —— v5.4.40 +

low CVE-2024-50343: Incorrect response from Validator when input ends with ` `

Affected versions : >=2.0.0,<3.0.0|>=3.0.0,<4.0.0|>=4.0.0,<5.0.0|>=5.0.0,<5.1.0|>=5.1.0,<5.2.0|>=5.2.0,<5.3.0|>=5.3.0,<5.4.0|>=5.4.0,<5.4.43|>=6.0.0,<6.1.0|>=6.1.0,<6.2.0|>=6.2.0,<6.3.0|>=6.3.0,<6.4.0|>=6.4.0,<6.4.11|>=7.0.0,<7.1.0|>=7.1.0,<7.1.4
Patched versions : 5.4.43 6.4.11 7.1.4 5.4.43 6.4.11 7.1.4
https://symfony.com/cve-2024-50343

Reported 8/30/24

CVE-2024-50343

1 symfony/security-http —— v5.4.40 +

high CVE-2024-51996: Authentication Bypass via persisted RememberMe cookie

Affected versions : >=5.3.0,<5.4.0|>=5.4.0,<5.4.47|>=6.0.0,<6.1.0|>=6.1.0,<6.2.0|>=6.2.0,<6.3.0|>=6.3.0,<6.4.0|>=6.4.0,<6.4.15|>=7.0.0,<7.1.0|>=7.1.0,<7.1.8
Patched versions : 5.4.47 6.4.15 7.1.8
https://symfony.com/cve-2024-51996

Reported 11/13/24

CVE-2024-51996

2 ibexa/http-cache —— v4.6.7 +

high BREACH vulnerability in varnish VCL and vhost templates

Reported 11/28/24

IBEXA-SA-2024-006

medium ibexa/http-cache affected by Breach with Varnish VCL

Affected versions : >=4.6.0,<4.6.14
Patched versions : 4.6.14
https://github.com/advisories/GHSA-fh7v-q458-7vmw

Reported 12/2/24

2 ibexa/post-install —— v4.6.7 +

high BREACH vulnerability in varnish VCL and vhost templates

Reported 11/28/24

IBEXA-SA-2024-006

medium ibexa/post-install affected by Breach with Varnish VCL

Affected versions : >=4.6.0,<4.6.14|>=1.0.0,<1.0.16
Patched versions : 1.0.16 4.6.14
https://github.com/advisories/GHSA-4h8f-c635-25p7

Reported 12/2/24

1 symfony/var-dumper —— v5.4.40 +

high Symfony's VarDumper vulnerable to unsafe deserialization

Affected versions : >=7.0.0,<7.0.4|<6.4.4
Patched versions : 6.4.4 7.0.4
https://github.com/advisories/GHSA-cg28-v4wq-whv5

Reported 11/29/24

CVE-2024-36610

2 ibexa/admin-ui-assets —— v4.6.7 +

high XSS vulnerabilities in back office

Affected versions : v4.6.0,v4.6.20
Patched versions : v4.6.21
https://developers.ibexa.co/security-advisories/ibexa-sa-2025-003-xss-vulnerabilities-in-back-office

Reported 6/11/25

IBEXA-SA-2025-003

medium Ibexa Admin UI assets XSS vulnerabilities in back office

Affected versions : >=4.6.0-alpha1,<4.6.21
Patched versions : 4.6.21
https://github.com/advisories/GHSA-vhgq-r8gx-5fpv

Reported 6/13/25

Php

8 PHP —— 8.3.8 +

critical In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.

* [https://github.com/php/php-src/security/advisories/GHSA-5hqh-c84r-qjcv](https://github.com/php/php-src/security/advisories/GHSA-5hqh-c84r-qjcv)

Reported 11/24/24

CVE-2024-11236

high In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas.

* [https://github.com/php/php-src/security/advisories/GHSA-r977-prxv-hc43](https://github.com/php/php-src/security/advisories/GHSA-r977-prxv-hc43)

Reported 11/24/24

CVE-2024-11233

high In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user.

* [https://github.com/php/php-src/security/advisories/GHSA-c5f2-jwm7-mmq2](https://github.com/php/php-src/security/advisories/GHSA-c5f2-jwm7-mmq2)

Reported 11/24/24

CVE-2024-11234

high In PHP versions 8.3.* before 8.3.19 and 8.4.* before 8.4.5, a code sequence involving __set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by supplying specially crafted inputs to the script, it could lead to remote code execution.

Affected versions : 8.3.0|8.3.18,8.4.0|8.4.5
Patched versions :
* [https://github.com/php/php-src/security/advisories/GHSA-rwp7-7vc6-8477](https://github.com/php/php-src/security/advisories/GHSA-rwp7-7vc6-8477)
* [https://github.com/php/php-src/security/advisories/GHSA-rwp7-7vc6-8477](https://github.com/php/php-src/security/advisories/GHSA-rwp7-7vc6-8477)

Reported 4/4/25

CVE-2024-11235

medium The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

Affected versions : 4.4.0|4.4.7,5.0.0|5.0.5,5.1.0|5.1.6,5.2.0|5.2.2
Patched versions :
* [http://www.acid-root.new.fr/advisories/14070612.txt](http://www.acid-root.new.fr/advisories/14070612.txt)
* [http://securityreason.com/securityalert/2800](http://securityreason.com/securityalert/2800)
* [http://osvdb.org/39834](http://osvdb.org/39834)
* [https://exchange.xforce.ibmcloud.com/vulnerabilities/34836](https://exchange.xforce.ibmcloud.com/vulnerabilities/34836)
* [http://www.securityfocus.com/archive/1/471275/100/0/threaded](http://www.securityfocus.com/archive/1/471275/100/0/threaded)
* [http://www.securityfocus.com/archive/1/471204/100/0/threaded](http://www.securityfocus.com/archive/1/471204/100/0/threaded)
* [http://www.securityfocus.com/archive/1/471178/100/0/threaded](http://www.securityfocus.com/archive/1/471178/100/0/threaded)

Reported 6/13/07

CVE-2007-3205

medium In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used to determine the charset when the requested resource performs a redirect. This may cause the resulting document to be parsed incorrectly or bypass validations.

Affected versions : 8.1.0|8.1.31,8.2.0|8.2.27,8.3.0|8.3.18,8.4.0|8.4.4
Patched versions :
* [https://github.com/php/php-src/security/advisories/GHSA-p3x9-6h7p-cgfc](https://github.com/php/php-src/security/advisories/GHSA-p3x9-6h7p-cgfc)
* [https://github.com/php/php-src/security/advisories/GHSA-p3x9-6h7p-cgfc](https://github.com/php/php-src/security/advisories/GHSA-p3x9-6h7p-cgfc)

Reported 3/30/25

CVE-2025-1219

low In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when http request module parses HTTP response obtained from a server, folded headers are parsed incorrectly, which may lead to misinterpreting the response and using incorrect headers, MIME types, etc.

Affected versions : 8.1.0|8.1.31,8.2.0|8.2.27,8.3.0|8.3.18,8.4.0|8.4.4
Patched versions :
* [https://github.com/php/php-src/security/advisories/GHSA-v8xr-gpvj-cx9g](https://github.com/php/php-src/security/advisories/GHSA-v8xr-gpvj-cx9g)
* [https://github.com/php/php-src/security/advisories/GHSA-v8xr-gpvj-cx9g](https://github.com/php/php-src/security/advisories/GHSA-v8xr-gpvj-cx9g)

Reported 3/29/25

CVE-2025-1217

unassigned A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied.

* [https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/](https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/)
* [https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/](https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/)
* [https://kb.cert.org/vuls/id/123335](https://kb.cert.org/vuls/id/123335)
* [https://kb.cert.org/vuls/id/123335](https://kb.cert.org/vuls/id/123335)
* [https://learn.microsoft.com/en-us/archive/blogs/twistylittlepassagesallalike/everyone-quotes-command-line-arguments-the-wrong-way](https://learn.microsoft.com/en-us/archive/blogs/twistylittlepassagesallalike/everyone-quotes-command-line-arguments-the-wrong-way)
* [https://learn.microsoft.com/en-us/archive/blogs/twistylittlepassagesallalike/everyone-quotes-command-line-arguments-the-wrong-way](https://learn.microsoft.com/en-us/archive/blogs/twistylittlepassagesallalike/everyone-quotes-command-line-arguments-the-wrong-way)
* [https://www.cve.org/CVERecord?id=CVE-2024-1874](https://www.cve.org/CVERecord?id=CVE-2024-1874)
* [https://www.cve.org/CVERecord?id=CVE-2024-1874](https://www.cve.org/CVERecord?id=CVE-2024-1874)
* [https://www.cve.org/CVERecord?id=CVE-2024-22423](https://www.cve.org/CVERecord?id=CVE-2024-22423)
* [https://www.cve.org/CVERecord?id=CVE-2024-22423](https://www.cve.org/CVERecord?id=CVE-2024-22423)
* [https://www.cve.org/CVERecord?id=CVE-2024-24576](https://www.cve.org/CVERecord?id=CVE-2024-24576)
* [https://www.cve.org/CVERecord?id=CVE-2024-24576](https://www.cve.org/CVERecord?id=CVE-2024-24576)
* [https://www.kb.cert.org/vuls/id/123335](https://www.kb.cert.org/vuls/id/123335)
* [https://www.kb.cert.org/vuls/id/123335](https://www.kb.cert.org/vuls/id/123335)

Reported 4/10/24

CVE-2024-3566

6 abandonned packages has been found

Abandoned package	Suggested replacement
sensio/framework-extra-bundle	Symfony
php-http/message-factory	psr/http-factory
platformsh/symfonyflex-bridge	None
swiftmailer/swiftmailer	symfony/mailer
symfony/swiftmailer-bundle	symfony/mailer
php-http/guzzle6-adapter	guzzlehttp/guzzle or php-http/guzzle7-adapter

Summary Possible update

Your version is Symfony 5.4

Your version is Php 7.4

Your version is Ibexa 4.6

Badge

[![Vulnerabilities](https://audit.security.code-rhapsodie.fr/badge/018fdea7-1ba2-7bdf-abab-51452e155926?type=vulnerabilities)](https://audit.security.code-rhapsodie.fr/en/project/018fdea7-1ba2-7bdf-abab-51452e155926)

[![Vulnerabilities](https://audit.security.code-rhapsodie.fr/badge/018fdea7-1ba2-7bdf-abab-51452e155926?type=vulnerabilities&version=little)](https://audit.security.code-rhapsodie.fr/en/project/018fdea7-1ba2-7bdf-abab-51452e155926)

[![Abandonned](https://audit.security.code-rhapsodie.fr/badge/018fdea7-1ba2-7bdf-abab-51452e155926?type=abandonned)](https://audit.security.code-rhapsodie.fr/en/project/018fdea7-1ba2-7bdf-abab-51452e155926)

[![Abandonned](https://audit.security.code-rhapsodie.fr/badge/018fdea7-1ba2-7bdf-abab-51452e155926?type=abandonned&version=little)](https://audit.security.code-rhapsodie.fr/en/project/018fdea7-1ba2-7bdf-abab-51452e155926)