Search for vulnerabilities
| Vulnerability ID | VCID-wv2u-9bsk-3kdw |
| Aliases |
GHSA-6v6p-g8cg-2hgg
GMS-2022-564 |
| Summary | Improper Certificate Validation Certificate validation in node-sass 2.0.0 to 4.14.1 is disabled when requesting binaries even if the user is not specifying an alternative download path. This affects eZ Platform v2.5 only. The maintainers resolved it by replacing node-sass 4.11 with sass 1.32.13. This issue also affects ezsystems/ezplatform and ezsystems/ezplatform-page-builder. |
| Status | Published |
| Exploitability | None |
| Weighted Severity | None |
| Risk | None |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| There are no known severity scores. | ||
| Reference id | Reference type | URL |
|---|---|---|
| https://developers.ibexa.co/security-advisories/ibexa-sa-2022-002-vulnerability-in-node-sass | ||
| https://github.com/ezsystems/ezplatform-admin-ui/releases/tag/v1.5.27 | ||
| CVE-2020-24025 | https://nvd.nist.gov/vuln/detail/CVE-2020-24025 | |
| GHSA-6v6p-g8cg-2hgg | https://github.com/advisories/GHSA-6v6p-g8cg-2hgg | |
| GHSA-6v6p-g8cg-2hgg | https://github.com/ezsystems/ezplatform-admin-ui/security/advisories/GHSA-6v6p-g8cg-2hgg | |
| GHSA-r8f7-9pfq-mjmv | https://github.com/advisories/GHSA-r8f7-9pfq-mjmv |
No EPSS data available for this vulnerability.
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2026-06-02T04:41:57.915453+00:00 | GitLab Importer | Import | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/ezsystems/ezplatform-admin-ui/GMS-2022-564.yml | 38.6.0 |