Ecosystem	Package	Version

Vulnerabilities

CVE-2022-48367

CVE-2022-48367

An issue was discovered in eZ Publish Ibexa Kernel before 7.5.28. Access control based on object state is mishandled.

Published Feb 6, 2026

https://github.com/advisories/GHSA-h5v2-wrhp-5v35

CVSS ScoreCritical

9.8

Ecosystem	Package	Version


composer	ezsystems/ezpublish-kernel	v7.5.0
composer	ezsystems/ezpublish-kernel	v7.5.10
composer	ezsystems/ezpublish-kernel	v7.5.11
composer	ezsystems/ezpublish-kernel	v7.5.12
composer	ezsystems/ezpublish-kernel	v7.5.13
composer	ezsystems/ezpublish-kernel	v7.5.14
composer	ezsystems/ezpublish-kernel	v7.5.15.1
composer	ezsystems/ezpublish-kernel	v7.5.15.2
composer	ezsystems/ezpublish-kernel	v7.5.15
composer	ezsystems/ezpublish-kernel	v7.5.16
composer	ezsystems/ezpublish-kernel	v7.5.17
composer	ezsystems/ezpublish-kernel	v7.5.18
composer	ezsystems/ezpublish-kernel	v7.5.19
composer	ezsystems/ezpublish-kernel	v7.5.1
composer	ezsystems/ezpublish-kernel	v7.5.20
composer	ezsystems/ezpublish-kernel	v7.5.21
composer	ezsystems/ezpublish-kernel	v7.5.22
composer	ezsystems/ezpublish-kernel	v7.5.23
composer	ezsystems/ezpublish-kernel	v7.5.24
composer	ezsystems/ezpublish-kernel	v7.5.25
composer	ezsystems/ezpublish-kernel	v7.5.26
composer	ezsystems/ezpublish-kernel	v7.5.27
composer	ezsystems/ezpublish-kernel	v7.5.2
composer	ezsystems/ezpublish-kernel	v7.5.3
composer	ezsystems/ezpublish-kernel	v7.5.4
composer	ezsystems/ezpublish-kernel	v7.5.5
composer	ezsystems/ezpublish-kernel	v7.5.6-rc1
composer	ezsystems/ezpublish-kernel	v7.5.6.2
composer	ezsystems/ezpublish-kernel	v7.5.6
composer	ezsystems/ezpublish-kernel	v7.5.7-rc1
composer	ezsystems/ezpublish-kernel	v7.5.7.1
composer	ezsystems/ezpublish-kernel	v7.5.7
composer	ezsystems/ezpublish-kernel	v7.5.8
composer	ezsystems/ezpublish-kernel	v7.5.9.1
composer	ezsystems/ezpublish-kernel	v7.5.9

CVE-2022-48367 | Components Impacted | Sonatype Guide | Sonatype Guide