GMS-2022-23: IBX-1392: Image filenames sanitization

January 21, 2022

ezsystems/ezpublish-kernel versions 7.5.* before 7.5.26 are vulnerable to certain injection attacks and unauthorized access to some image files.

References

developers.ibexa.co/security-advisories/ibexa-sa-2022-001-image-filenames-sanitization%20
github.com/advisories/GHSA-44m4-9cjp-j587
github.com/ezsystems/ezpublish-kernel/releases/tag/v7.5.26
github.com/ezsystems/ezpublish-kernel/security/advisories/GHSA-44m4-9cjp-j587

Code Behaviors & Features

Detect and mitigate GMS-2022-23 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →