Ibm Aspera Faspex 5
5 CVEs affecting Ibm Aspera Faspex 5. Latest disclosed: 2026-03-10. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-36226 | Medium | 5.4 | 2026-03-10 | IBM Aspera Faspex 5 5.0.0 through 5.0.14.3 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript… |
CVE-2025-36227 | Medium | 5.4 | 2026-03-10 | IBM Aspera Faspex 5 5.0.0 through 5.0.14.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allo… |
CVE-2025-36230 | Medium | 5.4 | 2025-12-26 | IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be exe… |
CVE-2025-36228 | Low | 3.8 | 2025-12-26 | IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 may allow inconsistent permissions between the user interface and backend API allowed users to access features that… |
CVE-2025-36229 | Low | 3.1 | 2025-12-26 | IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 could allow authenticated users to enumerate sensitive information of data due by enumerating package identifiers. |