119 matches found
MiracleLinux 9 : java-11-openjdk-11.0.15.0.10-1.el9 (AXSA:2022-3958:15)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3958:15 advisory. OpenJDK: Defective secure validation in Apache Santuario Libraries, 8278008 CVE-2022-21476 OpenJDK: Unbounded memory allocation when compiling craft...
MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.332.b09-1.el7 (AXSA:2022-3153:03)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3153:03 advisory. OpenJDK: Defective secure validation in Apache Santuario Libraries, 8278008 CVE-2022-21476 OpenJDK: Unbounded memory allocation when compiling craft...
Security Bulletin: IBM Rational Build Forge is vulnerable and could allow unauthenticated attacker to cause multiple impacts due to the use of JNDI component (CVE-2022-21496, CVE-2022-21434, CVE-2022-21443)
Summary IBM JDK used by IBM Rational Build Forge. This fix includes IBM JDK 8.0.7.10 which is based on jdk8u331-b09 Vulnerability Details CVEID:CVE-2022-21496 DESCRIPTION: An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to cause no...
Security Bulletin: Multiple Security Vulnerabilities have been fixed in the IBM Directory Server and IBM Directory Suite products (CVE-2022-21496, CVE-2021-35550, CVE-2021-2163, CVE-2021-35603)
Summary Multiple Security Vulnerabilities in the IBM Java SDK as shipped with the IBM Directory Server and IBM Directory Suite products have been fixed. Vulnerability Details CVEID:CVE-2022-21496 DESCRIPTION: An unspecified vulnerability in Java SE related to the JNDI component could allow an...
Advisory ROSA-SA-2023-2136
Software: java-11-openjdk 11.0.18.0.10-1 OS: rosa-server79 packageevrstring: 11.0.18.0.10-1 CVE-ID: CVE-2022-21365 BDU-ID: 2022-02011 CVE-Crit: MEDIUM CVE-DESC: A vulnerability in the ImageIO component of the Oracle Java SE software platform and Oracle GraalVM Enterprise Edition virtual machine i...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7.0, 7.1, 8.0 and 11.0 used by CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition. CICS Transaction Gateway has addressed a CVE that could allow an unauthenticated attacker ...
Security Bulletin: IBM CICS TX Advanced is vulnerable to several no confidentiality exposures due to IBM SDK, Java Technology Edition
Summary IBM SDK, Java Technology Edition is used by CICS TX Advanced to run WebSphere Liberty, Fix Installer and Java based CICS applications. The fix removes the no confidentiality exposure vulnerabilities CVE-2022-21496, CVE-2022-21434 and CVE-2022-21443 from IBM SDK, JTE. Vulnerability Details...
Security Bulletin: Unspecified vulnerability in Java Affects IBM Infosphere Global Name Management (CVE-2022-21496)
Summary The Java used in IBM Global Name Management has an unspecified vulnerability related to the JNDI component. Within GNM, this issue only affects ENS, a part of GNM 6 installed by a small minority of GNM customers. For GNM customers not using ENS, there is no vulnerability. Vulnerability...
Security Bulletin: Multiple vulnerabilities in IBM® SDK Java™ Technology Edition affect IBM Workload Scheduler.
Summary Vulnerabilities in IBM® SDK Java™ Technology Edition potentially affect IBM Workload Scheduler. These issues were disclosed as part of the Oracle April 2022 Critical Patch Update. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2022-21496 DESCRIPTION: An...
Security Bulletin: FileNet Content Manager (FNCM) has multiple IBM Java security vulnerabilities
Summary FileNet Content Manager FNCM has multiple IBM Java security vulnerabilities in Content Platform Engine CPE. Vulnerability Details CVEID:CVE-2022-21496 DESCRIPTION: An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to cause no...
Security Bulletin: Vulnerability in SANNav Software used by IBM b-type SAN directors and switches.
Summary The SANnav Management Portal and Global View products are vulnerable due to an OpenSSL issue. The vulnerability has been addressed and can be resolved by applying the SANnav code level listed below. Vulnerability Details CVEID:CVE-2022-21496 DESCRIPTION: An unspecified vulnerability in Ja...
Security Bulletin: A vulnerability exists in IBM® SDK, Java™ Technology Edition affecting IBM Tivoli Necool Configuration Manager (CVE-2022-21496, CVE-2022-21434, CVE-2022-21443).
Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Netcool Configuration Manager v6.4.2, which was disclosed in the Oracle April 2022 Critical Patch Update. Vulnerability Details CVEID:CVE-2022-21496 DESCRIPTION: An unspecified vulnerabilit...
Security Bulletin: A vulnerability exists in the IBM® SDK Java™ Technology Edition affecting IBM Tivoli Network Manager (CVE-2022-21496, CVE-2022-21434, CVE-2022-21443).
Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition v4.2, which was disclosed in the Oracle April 2022 Critical Patch Update. Vulnerability Details CVEID:CVE-2022-21496 DESCRIPTION: An unspecified vulnerability in...
Security Bulletin: Vulnerabilities in Java and IBM WebSphere Application Server Liberty affects IBM Cloud Application Business Insights - CVE-2022-21496, CVE-2022-21434, CVE-2022-21443, CVE-2022-22475, CVE-2022-22476, CVE-2022-21540 & CVE-2022-21541
Summary Vulnerabilities in Java and IBM WebSphere Application Server Liberty affects IBM Cloud Application Business Insights - CVE-2022-21496, CVE-2022-21434, CVE-2022-21443, CVE-2022-22475, CVE-2022-22476, CVE-2022-21540 & CVE-2022-21541 Vulnerability Details CVEID:CVE-2022-21541 DESCRIPTION: An...
Security Bulletin: Multiple vulnerabilities in IBM SDK, Java Technology Edition affect IBM Operations Analytics Predictive Insights
Summary Multiple vulnerabilities in IBM SDK, Java Technology Edition affect IBM Operations Analytics Predictive Insights 1.3.6 or earlier. The following vulnerabilities have been addressed: CVE-2021-35550, CVE-2021-35603 causing no confidentiality impact , CVE-2022-21248, CVE-2022-21291,...
Security Bulletin: IBM® SDK Java™ Technology Edition, is used by IBM Tivoli Application Dependency Discovery Manager (TADDM) and is vulnerable to a denial of service (CVE-2021-35561, CVE-2022-21443, CVE-2022-21434,CVE-2022-21496,CVE-2022-21299).
Summary IBM® SDK Java™ Technology Edition, is used by IBM Tivoli Application Dependency Discovery Manager TADDM and is vulnerable to a denial of service CVE-2021-35561, CVE-2022-21443, CVE-2022-21434,CVE-2022-21496,CVE-2022-21299. Vulnerability Details CVEID:CVE-2022-21299 DESCRIPTION: An...
Security Bulletin: IBM SDK, Java Technology Edition, Security Update July 2022
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 8 that is used by Rational Application Developer®. These issues were disclosed as part of the IBM Java SDK updates up to July 2022. IBM 8 SR7 FP15 1.8.0341. Vulnerability Details CVEID:CVE-2022-21496 DESCRIPTION: An...
AlmaLinux 9 : java-1.8.0-openjdk (ALSA-2022:2137)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:2137 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...
AlmaLinux 9 : java-17-openjdk (ALSA-2022:1729)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1729 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...
AlmaLinux 9 : java-11-openjdk (ALSA-2022:1728)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1728 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...