Websphere Application Server Liberty Security Vulnerabilities and Issues — Websphere Application Server Liberty CVE List

Lucene search

IbmWebsphere Application Server Liberty

4 matches found

CVE•added 2022/09/09 4:15 p.m.•126 views

CVE-2022-34165

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.9 are vulnerable to HTTP header injection, caused by improper validation. This could allow an attacker to conduct various attacks against the vulnerable system, including cac...

5.4CVSS5AI score0.00065EPSS

CVE•added 2022/02/24 5:15 p.m.•86 views

CVE-2021-39038

IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack t...

5.4CVSS5.5AI score0.00032EPSS

CVE•added 2021/09/16 4:15 p.m.•66 views

CVE-2021-29842

IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 21.0.0.9 could allow a remote user to enumerate usernames due to a difference of responses from valid and invalid login attempts. IBM X-Force ID: 205202.

5.3CVSS5.3AI score0.00088EPSS

CVE•added 2020/05/06 2:15 p.m.•62 views

CVE-2020-4421

IBM WebSphere Application Liberty 19.0.0.5 through 20.0.0.4 could allow an authenticated user using openidconnect to spoof another users identify. IBM X-Force ID: 180084.

5.5CVSS5.7AI score0.0017EPSS