[MEDIUM] ibexa/post-install affected by Breach with Varnish VCL

PKSA-x68y-dwny-h1ky GHSA-4h8f-c635-25p7

Affected version: >=4.6.0,<4.6.14|>=1.0.0,<1.0.16

Reported by:
GitHub

[HIGH] Any storage file can be downloaded from p.sh if full server path is known

PKSA-hjqh-8592-3fbp GHSA-gqcf-83rq-gpfr

Affected version: <=1.0.4

Reported by:
GitHub