Vulnerabilities > IBM > Cloud PAK FOR Automation > 21.0.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-18 | CVE-2021-29872 | Improper Encoding or Escaping of Output vulnerability in IBM Cloud PAK for Automation IBM Cloud Pak for Automation 21.0.1 and 21.0.2 - Business Automation Studio Component is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 5.4 |
| 2021-12-21 | CVE-2021-38966 | Cross-site Scripting vulnerability in IBM Cloud PAK for Automation and Workflow Process Service IBM Cloud Pak for Automation 21.0.2 is vulnerable to cross-site scripting. | 5.4 |