Skip to content

IBX-1755: Login timing attack

Critical
glye published GHSA-2x4v-g8cx-jxrq May 31, 2022

Package

composer ibexa/core (Composer)

Affected versions

v4.0.*, v4.1.*

Patched versions

v4.0.7, v4.1.4

Description

Please see https://developers.ibexa.co/security-advisories/ibexa-sa-2022-006-vulnerabilities-in-page-builder-login-and-commerce

Severity

Critical

CVE ID

No known CVE

Weaknesses