Security Advisories - ezsystems/ezpublish-legacy - Packagist

ezsystems/ezpublish-legacy Security Advisories for v2017.12.4.2 (3)

IBEXA-SA-2020-006 Object Injection in legacy shop module

PKSA-21zv-zmv6-8djw

Affected version: >=2019.3.0,<2019.3.5.1|>=2017.12.0,<2017.12.7.3|>=5.4.0,<5.4.14.2

Reported by:
FriendsOfPHP/security-advisories
EZSA-2020-001 Remote code execution in file uploads

PKSA-8zqw-67xm-djp1

Affected version: >=2019.3.0,<2019.3.4.2|>=2017.12.0,<2017.12.7.2|>=5.4.0,<5.4.14.1

Reported by:
FriendsOfPHP/security-advisories
EZSA-2018-009 Do not interpret PHP/PHAR uploads

PKSA-pyck-srww-rjvt

Affected version: >=2018.9.0,<2018.9.1.3|>=2018.6.0,<2018.6.1.4|>=2011.0.0,<2017.12.4.3|>=5.4.0,<5.4.12.3|>=5.3.0,<5.3.12.6

Reported by:
FriendsOfPHP/security-advisories