Vulnerabilities > IBM > Cloud PAK FOR Automation > 19.0.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-18 | CVE-2021-29872 | Improper Encoding or Escaping of Output vulnerability in IBM Cloud PAK for Automation IBM Cloud Pak for Automation 21.0.1 and 21.0.2 - Business Automation Studio Component is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 3.5 |
| 2020-04-02 | CVE-2020-4325 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM products The IBM Process Federation Server 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, and 19.0.0.3 Global Teams REST API does not properly shutdown the thread pools that it creates to retrieve Global Teams information from the federated systems. | 4.0 |