Ibm Engineering Lifecycle Optimization Publishing
12 CVEs affecting Ibm Engineering Lifecycle Optimization Publishing. Latest disclosed: 2025-01-04. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-41766 | High | 7.5 | 2025-01-04 | IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to cause a denial of service using a complex regular express… |
CVE-2024-41767 | High | 7.3 | 2025-01-04 | IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statemen… |
CVE-2024-41765 | Medium | 6.5 | 2025-01-04 | IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to traverse directories on the system. An attacker could send… |
CVE-2024-41768 | Medium | 6.5 | 2025-01-04 | IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to cause an unhandled SSL exception which could leave the con… |
CVE-2023-45188 | Medium | 6.5 | 2024-06-09 | IBM Engineering Lifecycle Optimization Publishing 7.0.2 and 7.03 could allow a remote attacker to upload arbitrary files, caused by the improper validation of… |
CVE-2021-39019 | Medium | 6.5 | 2022-07-14 | IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose highly sensitive information through an HTTP GET reque… |
CVE-2024-41763 | Medium | 5.9 | 2025-01-04 | IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt… |
CVE-2021-39017 | Medium | 5.7 | 2022-07-14 | IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to upload arbitrary files, caused by im… |
CVE-2021-39028 | Medium | 5.4 | 2022-07-14 | IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTTP header injection, caused by improper validation… |
CVE-2021-39015 | Medium | 5.4 | 2022-07-14 | IBM Engineering Lifecycle Optimization - Publishing 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbit… |
CVE-2021-39018 | Medium | 4.3 | 2022-07-14 | IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose sensitive information in a SQL error message that coul… |
CVE-2021-39016 | Medium | 4.3 | 2022-07-14 | IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 does not sufficiently monitor or control transmitted network traffic… |