ibexa/user Security Advisories for v5.0.1 (2)
-
[CRITICAL] Ibexa User Bundle is missing password change validation
PKSA-tp68-m26r-qqm9 CVE-2025-67719 GHSA-x93p-w2ch-fg67
Affected version: >=5.0.0-beta1,<5.0.4
Reported by:
GitHub -
[MEDIUM] ibexa/user login enumerates user accounts
PKSA-193d-p3tz-4pbs GHSA-q3x8-6898-23g3
Affected version: >=5.0.0,<5.0.3
Reported by:
GitHub