Aspera Faspex Security Vulnerabilities and Issues — Aspera Faspex CVE List

Lucene search

IbmAspera Faspex

3 matches found

CVE•added 2025/05/22 5:15 p.m.•47 views

CVE-2025-33138

IBM Aspera Faspex 5.0.0 through 5.0.12 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.

6.1CVSS5.8AI score0.00044EPSS

CVE•added 2025/05/22 5:15 p.m.•46 views

CVE-2025-33136

IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive information or perform unauthorized actions on behalf of another user due to improper protection of assumed immutable data.

8.8CVSS6.6AI score0.00045EPSS

CVE•added 2025/05/22 5:15 p.m.•45 views

CVE-2025-33137

IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive information or perform unauthorized actions on behalf of another user due to client-side enforcement of server-side security.

8.8CVSS6.6AI score0.00058EPSS