Vulnerabilities > IBM > Datapower Gateway > 7.7.0.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-07 | CVE-2018-1666 | Unspecified vulnerability in IBM Datapower Gateway IBM DataPower Gateway 2018.4.1.0, 7.6.0.0 through 7.6.0.11, 7.5.2.0 through 7.5.2.18, 7.5.1.0 through 7.5.1.18, 7.5.0.0 through 7.5.0.19, and 7.7.0.0 through 7.7.1.3 could allow an authenticated user to inject arbitrary messages that would be displayed on the UI. | 4.3 |
| 2018-12-20 | CVE-2018-1677 | Improper Handling of Exceptional Conditions vulnerability in IBM Datapower Gateway IBM DataPower Gateways 7.1, 7.2, 7.5, 7.5.1, 7.5.2, 7.6, and 7.7 and IBM MQ Appliance are vulnerable to a denial of service, caused by the improper handling of full file system. | 5.5 |
| 2018-12-13 | CVE-2018-1667 | Cross-site Scripting vulnerability in IBM Datapower Gateway IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1.17, 7.5.0.0 through 7.5.0.18, and 7.7.0.0 through 7.7.1.3 is vulnerable to cross-site scripting. | 5.4 |
| 2018-12-13 | CVE-2018-1665 | Inadequate Encryption Strength vulnerability in IBM Datapower Gateway IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1.17, 7.5.0.0 through 7.5.0.18, and 7.7.0.0 through 7.7.1.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |