CVE-2025-14914
published 2026-02-02CVE-2025-14914: IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.1 could allow a privileged user to upload a zip archive containing path traversal sequences…
high7.6CVSS 3.1
AVNACHPRHUIRSCCHIHAH
IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.1 could allow a privileged user to upload a zip archive containing path traversal sequences resulting in an overwrite of files leading to arbitrary code execution.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | websphere_application_server | 17.0.0.3 – 26.0.0.1 | — |
| ibm | websphere_application_server_liberty | 17.0.0.3 – 26.0.0.1 | — |