VYPR

Liberty

by IBM

CVEs (5)

  • CVE-2017-1583HigOct 24, 2017
    risk 0.49cvss 7.5epss 0.03

    IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.13)could allow a remote attacker to obtain sensitive information caused by improper error handling by MyFaces in JSF.

  • CVE-2016-5983HigOct 5, 2016
    risk 0.49cvss 7.5epss 0.04

    IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 before 8.5.5.11, 9.0 before 9.0.0.2, and Liberty before 16.0.0.4 allows remote authenticated users to execute arbitrary Java code via a crafted serialized object.

  • CVE-2021-29842MedSep 16, 2021
    risk 0.35cvss 5.3epss 0.01

    IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 21.0.0.9 could allow a remote user to enumerate usernames due to a difference of responses from valid and invalid login attempts. IBM X-Force ID: 205202.

  • CVE-2020-4329MedApr 28, 2020
    risk 0.28cvss 4.3epss 0.01

    IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain sensitive information, caused by improper parameter checking. This could be exploited to conduct spoofing attacks. IBM X-Force ID:…

  • CVE-2015-0178Mar 18, 2015
    risk 0.00cvss epss 0.02

    The Java overlay feature in IBM Bluemix Liberty before 1.13-20150209-1122 for Java does not properly support WAR applications, which allows remote attackers to obtain sensitive information via unspecified vectors.