Websphere application server liberty
This hub aggregates every CVE we track for Websphere application server liberty, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
10
CVEs tracked
0
Critical
1
High
0
In CISA KEV
Severity distribution
MEDIUM9HIGH1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
2024-082026-07
Latest CVEs
The 10 most recently published vulnerabilities affecting Websphere application server liberty.
- CVE-2026-1561IBM WebSphere Application Server Liberty Server-Side Request Forgery5.4
- CVE-2023-50312IBM WebSphere Application Server Liberty information disclosure5.3
- CVE-2021-39038IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading ...5.4
- CVE-2021-39031IBM WebSphere Application Server - Liberty 17.0.0.3 through 22.0.0.1 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker coul...8.8
- CVE-2021-29842IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 21.0.0.9 could allow a remote user to enumerate usernames due to a difference of responses from valid and invalid lo...5.3
- CVE-2020-4590IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is vulnerable to a denial of service attack conducted by an authentic...6.5
- CVE-2020-4421IBM WebSphere Application Liberty 19.0.0.5 through 20.0.0.4 could allow an authenticated user using openidconnect to spoof another users identify. IBM X-Force ID: 180084.5.4
- CVE-2020-4329IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain sensitive information, caused by improper parameter ...4.3
- CVE-2020-4304IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alt...6.1
- CVE-2020-4303IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alt...6.1
Product normalization is registry-driven with AI assist and human review. How it works