Websphere Application Server Liberty@* Security Vulnerabilities and Issues — Websphere Application Server Liberty@* CVE List

Lucene search

IbmWebsphere Application Server Liberty*

8 matches found

CVE•added 2024/03/01 3:15 a.m.•114 views

CVE-2023-50312

IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.2 could provide weaker than expected security for outbound TLS connections caused by a failure to honor user configuration. IBM X-Force ID: 274711.

6.5CVSS5.1AI score0.00034EPSS

CVE•added 2024/03/31 12:15 p.m.•111 views

CVE-2024-22353

IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 is vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: 280400.

7.5CVSS6.5AI score0.00019EPSS

CVE•added 2024/04/17 1:15 a.m.•111 views

CVE-2024-22354

IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.5 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information, consume memo...

7CVSS6.9AI score0.00014EPSS

CVE•added 2024/04/04 6:15 p.m.•97 views

CVE-2024-27268

IBM WebSphere Application Server Liberty 18.0.0.2 through 24.0.0.4 is vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: 284574.

7.5CVSS5.9AI score0.00171EPSS

CVE•added 2024/03/27 1:15 p.m.•96 views

CVE-2024-27270

IBM WebSphere Application Server Liberty 23.0.0.3 through 24.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in a specially crafted URI. IBM X-Force ID: 284576.

6.1CVSS4.5AI score0.00052EPSS

CVE•added 2024/04/25 1:15 p.m.•88 views

CVE-2024-25026

IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 are vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. ...

7.5CVSS6.3AI score0.00019EPSS

CVE•added 2024/04/17 2:15 a.m.•86 views

CVE-2024-22329

IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 are vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker could exploit this vulnerability to conduct the SSRF attack. X-Force ID: 279951.

4.3CVSS5.7AI score0.00027EPSS

CVE•added 2024/08/14 6:15 p.m.•81 views

CVE-2023-50314

IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 274713.

7.5CVSS5AI score0.00068EPSS