Vulnerabilities > IBM > Cloud PAK FOR Automation > 21.0.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-18 | CVE-2021-29872 | Improper Encoding or Escaping of Output vulnerability in IBM Cloud PAK for Automation IBM Cloud Pak for Automation 21.0.1 and 21.0.2 - Business Automation Studio Component is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 3.5 |
| 2021-06-28 | CVE-2021-29775 | Cross-site Scripting vulnerability in IBM products IBM Business Automation Workflow 19.0.03 and 20.0 and IBM Cloud Pak for Automation 20.0.3-IF002 and 21.0.1 are vulnerable to cross-site scripting. | 4.3 |