Search Results (Refine Search)
- CPE Product Version: cpe:/a:ibm:websphere_application_server:9.0.5.1::~~-~~~
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2020-4782 |
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. Published: October 28, 2020; 1:15:13 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2019-4441 |
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. IBM X-Force ID: 163177. Published: October 03, 2019; 10:15:11 AM -0400 |
V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |