Vulnerabilities > IBM > Websphere Application Server > 21.0.0.10
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-31 | CVE-2024-22353 | Resource Exhaustion vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 is vulnerable to a denial of service, caused by sending a specially crafted request. | 7.5 |
| 2022-09-09 | CVE-2022-34165 | Injection vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.9 are vulnerable to HTTP header injection, caused by improper validation. | 5.4 |
| 2022-07-08 | CVE-2022-22476 | Authentication Bypass by Spoofing vulnerability in IBM Open Liberty and Websphere Application Server IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are vulnerable to identity spoofing by an authenticated user using a specially crafted request. | 6.0 |
| 2022-05-17 | CVE-2022-22475 | Unspecified vulnerability in IBM Open Liberty and Websphere Application Server IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 are vulnerable to identity spoofing by an authenticated user. | 6.5 |
| 2022-05-13 | CVE-2022-22393 | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5 , with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. network ibm | 3.5 |
| 2022-02-24 | CVE-2021-39038 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.2 could allow a remote attacker to hijack the clicking action of the victim. | 3.5 |
| 2022-01-25 | CVE-2021-39031 | Injection vulnerability in IBM Websphere Application Server IBM WebSphere Application Server - Liberty 17.0.0.3 through 22.0.0.1 could allow a remote authenticated attacker to conduct an LDAP injection. | 6.5 |
| 2022-01-19 | CVE-2022-22310 | Unspecified vulnerability in IBM Websphere Application Server 21.0.0.10/21.0.0.12 IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than expected security. | 6.5 |