Vulnerabilities > IBM > Websphere Application Server > 19.0.0.2

DATE CVE VULNERABILITY TITLE RISK
2021-05-26 CVE-2021-20492 XXE vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 8.0, 8.5, 9.0, and Liberty Java Batch is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
8.2
8.2
2020-09-21 CVE-2020-4590 Unspecified vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is vulnerable to a denial of service attack conducted by an authenticated client.
network
low complexity
ibm
6.5
6.5
2020-05-06 CVE-2020-10693 A flaw was found in Hibernate Validator version 6.1.2.Final.
network
low complexity
redhat ibm quarkus oracle
5.3
5.3
2020-04-28 CVE-2020-4329 Unspecified vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain sensitive information, caused by improper parameter checking.
network
low complexity
ibm
4.3
4.3
2020-04-02 CVE-2020-4304 Cross-site Scripting vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
6.1
2020-04-02 CVE-2020-4303 Cross-site Scripting vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
6.1
2020-01-31 CVE-2019-4720 Allocation of Resources Without Limits or Throttling vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request.
network
low complexity
ibm CWE-770
7.5
7.5
2019-12-10 CVE-2019-4663 Cross-site Scripting vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server - Liberty is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2019-10-03 CVE-2019-4441 Information Exposure Through an Error Message vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser.
network
low complexity
ibm CWE-209
5.3
5.3
2019-09-30 CVE-2019-4305 Reliance on Cookies without Validation and Integrity Checking vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information caused by the improper setting of a cookie.
network
low complexity
ibm CWE-565
5.3
5.3