IBM Aspera High Speed Transfer Server
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in IBM Aspera High Speed Transfer Server.
By the Year
In 2026 there have been 4 vulnerabilities in IBM Aspera High Speed Transfer Server with an average score of 8.2 out of ten. Aspera High Speed Transfer Server did not have any published security vulnerabilities last year. That is, 4 more vulnerabilities have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 4 | 8.15 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 4.30 |
It may take a day or so for new Aspera High Speed Transfer Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent IBM Aspera High Speed Transfer Server Security Vulnerabilities
IBM Aspera asperahttpd Arbitrary File Read 3.7.4-4.4.7
CVE-2026-9035
6.5 - Medium
- May 27, 2026
IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a potential arbitrary file read in the asperahttpd component. An authenticated user may be able to take advantage of this vulnerability to access files in the servers local storage that they should not have access to.
Directory traversal
IBM Aspera High-Speed Transfer Endpoint 3.7.4-4.4.7 FP1 DoS via asperahttpd
CVE-2026-8180
7.5 - High
- May 27, 2026
IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a potential denial of service in the asperahttpd component. An unauthenticated user can cause the asperahttpd service to crash.
NULL Pointer Dereference
IBM Aspera Buffer Overflow in asperahttpd 3.7.44.4.7
CVE-2026-8179
8.8 - High
- May 27, 2026
IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd component. This vulnerability could allow an authenticated user to execute arbitrary code on the system.
Stack Overflow
IBM Aspera HTTPD Buffer Overflow (3.7.44.4.7 FP1) DoS & RCE
CVE-2026-8175
9.8 - Critical
- May 27, 2026
IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd component. This vulnerability could be exploited to cause a denial of service and potentially lead to authentication bypass or remote code execution.
Heap-based Buffer Overflow
IBM Aspera High-Speed Transfer 4.3.1 and earlier could allow an authenticated user to obtain information from non sensitive operating system files
CVE-2022-22391
4.3 - Medium
- April 14, 2022
IBM Aspera High-Speed Transfer 4.3.1 and earlier could allow an authenticated user to obtain information from non sensitive operating system files that they should not have access to. IBM X-Force ID: 222059.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for IBM Aspera High Speed Transfer Server or by IBM? Click the Watch button to subscribe.
