PT-2024-40073 · Apache+1 · Apache+1

Published 2024-12-02 · Updated 2024-12-02

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions: ibexa post-install versions prior to the patched versions
Description: The issue is related to the BREACH vulnerability, which affects HTTP compression and can allow secrets to be extracted through carefully crafted requests. The cause is that the included platform.sh Varnish VCL templates and Apache/Nginx vhost templates enable compression of API and JSON messages. To mitigate this, it is recommended to disable compression in these templates.
Recommendations: For all affected versions, disable HTTP compression for REST API requests and other communication that might contain secrets. Update your configuration files as described in the release notes, which give specific instructions.
Note: The exact patched versions are not specified here, so any version prior to the ones mentioned in the patches section is assumed to be vulnerable.
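
A static check for the mitigation described above, as an added example that is not part of the advisory or of the Ibexa templates: it scans Nginx and Apache vhost text for compression directives that cover JSON or XML API media types. The sensitive-type pattern and both sample configurations are constructed for illustration, and Varnish VCL is not covered.

```python
import re

# Assumption: bodies with these media types may carry secrets (API/JSON messages).
SENSITIVE = re.compile(r"^application/(.*\+)?(json|xml)$", re.I)
NGINX_TYPES = re.compile(r"\b(gzip_types|brotli_types)\s+([^;]+);")
APACHE_TYPES = re.compile(r"^\s*AddOutputFilterByType\s+(\S+)\s+(.+)$", re.I | re.M)
COMPRESSORS = {"DEFLATE", "BROTLI_COMPRESS"}


def strip_comments(text):
    """Join backslash-continued lines, then drop '#' comments."""
    text = re.sub(r"\\\r?\n", " ", text)
    return "\n".join(line.split("#", 1)[0] for line in text.splitlines())


def compressed_sensitive_types(config_text):
    """Return sorted (directive, media_type) pairs that compress API/JSON bodies."""
    text = strip_comments(config_text)
    findings = set()
    # Nginx: a *_types directive may span several lines up to the ';'.
    for directive, types in NGINX_TYPES.findall(text):
        for mime in types.split():
            if mime == "*" or SENSITIVE.match(mime):  # '*' compresses every type
                findings.add((directive, mime))
    # Apache: only filter chains that include a compression filter matter.
    for filters, types in APACHE_TYPES.findall(text):
        if COMPRESSORS & {f.upper() for f in filters.split(";")}:
            for mime in types.split():
                if SENSITIVE.match(mime):
                    findings.add(("AddOutputFilterByType", mime))
    return sorted(findings)


# Constructed sample vhost fragments (not taken from the affected templates).
NGINX_SAMPLE = """
gzip on;
gzip_types text/css application/javascript   # static assets
           application/json application/vnd.example.api+json;
"""
APACHE_SAMPLE = """
AddOutputFilterByType DEFLATE text/html text/css application/json
AddOutputFilterByType DEFLATE text/plain
"""

if __name__ == "__main__":
    for name, sample in (("nginx", NGINX_SAMPLE), ("apache", APACHE_SAMPLE)):
        print(name, compressed_sensitive_types(sample))
```

An empty result means no listed compression directive covers those media types; it does not prove that compression is disabled elsewhere, for example at a CDN or in Varnish.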

Related Identifiers

GHSA-4H8F-C635-25P7

Affected Products

Apache
Nginx