Every CVE whose affected-product data names Ibexa Kernel, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-48367 — CVSS 9.8 (critical): An issue was discovered in eZ Publish Ibexa Kernel before 7.5.28. Access control based on object state is mishandled.
CVE-2022-48366 — CVSS 3.7 (low): An issue was discovered in eZ Platform Ibexa Kernel before 1.3.19. It allows determining account existence via a timing attack.