MiracleLinux 9 : java-11-openjdk-11.0.25.0.9-2.el9.ML.1 (AXSA:2024-8933:18)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8933:18 advisory. giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function CVE-2023-48161 JDK: Array indexing integer overflow 8328544 CVE-2024-212...

MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.432.b06-2.el8 (AXSA:2024-8930:18)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8930:18 advisory. giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function CVE-2023-48161 JDK: Array indexing integer overflow 8328544 CVE-2024-212...

MiracleLinux 8 : java-11-openjdk-11.0.25.0.9-2.el8 (AXSA:2024-8931:17)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8931:17 advisory. giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function CVE-2023-48161 JDK: Array indexing integer overflow 8328544 CVE-2024-212...

Security Bulletin: OpenPages is vulnerable to IBM Semeru Runtime Quarterly CPU - Oct 2024 - Includes OpenJDK July 2024 CPU plus two additional CVEs

Summary Security Bulletin: OpenPages is vulnerable to IBM Semeru Runtime Quarterly CPU - Oct 2024 - Includes OpenJDK July 2024 CPU with CVEs CVE-2024-21217, CVE-2024-21208, CVE-2024-10917, CVE-2024-9143 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

TencentOS Server 2: java-1.8.0-openjdk (TSSA-2024:0864)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0864 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

TencentOS Server 3: java-17-openjdk (TSSA-2024:0732)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0732 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Alibaba Cloud Linux 3 : 0235: java-17-openjdk (ALINUX3-SA-2024:0235)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0235 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-48161: Buffer Overflow...

Alibaba Cloud Linux 3 : 0233: java-1.8.0-openjdk (ALINUX3-SA-2024:0233)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0233 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-48161: Buffer Overflow...

Security Bulletin: IBM Planning Analytics is affected by vulnerabilities in IBM® Java™ Version 8 and IBM® Semeru Runtime

Summary There are vulnerabilities in IBM® Java™ Version 8 and IBM® Semeru Runtime used by IBM Planning Analytics and IBM Planning Analytics Workspace. Please refer to the Related Information section below for vulnerability impact. Vulnerability Details CVEID:CVE-2024-21217 DESCRIPTION:...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 8 used by AIX. AIX has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-21217 DESCRIPTION: Vulnerability in Java SE component: Serialization. Difficult to exploit vulnerability allows...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM® Db2®. (January 2025 CPU)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7.1.5.24 and earlier, 8.0.8.35 and earlier, and IBM Semeru Version 21.0.5.0 and earlier used by IBM® Db2®. These issues were disclosed as part of the IBM Java SDK updates in January 2025. Vulnerability Details...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Business Developer

Summary There are multiple vulnerabilities in IBM® SDK Java™ used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of the IBM Java SDK and Runtime Environment updates in the Oracle October 2024 Critical Pat...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for December 2024 and January 2025

Summary Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF039 and 24.0.0-IF004. Vulnerability Details CVEID:CVE-2023-48161 DESCRIPTION: GifLib Project GifLib could allow a local attacker to obtain sensitive information, caused by a heap-based buff...

Ubuntu: Security Advisory (USN-7339-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2024 - Includes Oracle October 2024 CPU plus CVE-2024-10917

Summary Multiple Vulnerabilities were disclosed as part of the JAVA SE March 2025 Critical Patch Update Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

Security Bulletin: Security vulnerabilities in Java SE shipped with IBM CICS TX Standard.

Summary There are multiple vulnerabilities in the Java SE version that is shipped with IBM CICS TX Standard. An update to IBM CICS TX Standard has been released to address these vulnerabilities. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot...

Security Bulletin: IBM MQ Appliance is affected by multiple Java vulnerabilities (CVE-2024-10197, CVE-2024-21208 and CVE-2024-21217)

Summary IBM MQ Appliance has addressed multiple Java vulnerabilities. Vulnerability Details CVEID:CVE-2024-21217 DESCRIPTION: Vulnerability in Java SE component: Serialization. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...

Security Bulletin: IBM Sterling Connect:Direct for Unix is vulnerable to denial of service and arbitrary code execution attacks due to IBM Runtime Environment Java Technology Edition Version 17

Summary IBM Java 17 is used by IBM Sterling Connect:Direct for Unix in product configuration and management. IBM Sterling Connect:Direct for Unix is impacted by denial of service and arbitrary code execution attacks due to IBM Java 17. IBM Sterling Connect:Direct for Unix has upgraded IBM Java 17...

Security Bulletin: Vulnerabilities in IBM Java SDK (CVE-2024-21217, CVE-2024-21208, CVE-2024-10917) affect Power HMC.

Summary The IBM Java SDK library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-21217 DESCRIPTION: Vulnerability in Java SE component: Serialization. Difficult to exploit vulnerability allows unauthenticated attacker...

Security update for java-1_8_0-openj9

This update for java-180-openj9 fixes the following issues: Update to OpenJDK 8u442 build 06 with OpenJ9 0.49.0 virtual machine. CVE-2024-21235: unauthorized read/write access to data through the Hotspot component. bsc1231719 CVE-2024-21217: partial denial-of-service through the Serialization...