MiracleLinux 7 : java-11-openjdk-11.0.5.10-0.el7 (AXSA:2019-4349:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4349:04 advisory. OpenJDK: Improper handling of Kerberos proxy credentials Kerberos, 8220302 CVE-2019-2949 OpenJDK: Unexpected exception thrown during regular...

Oracle Linux 8 : java-1.8.0-openjdk (ELSA-2019-3134)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3134 advisory. 1:1.8.0.232.b09-0 - Update to aarch64-shenandoah-jdk8u232-b09. - Switch to GA mode for final release. - Remove PR1834/RH1022017 which is now handled by...

Oracle Linux 8 : java-11-openjdk (ELSA-2019-3135)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3135 advisory. 1:11.0.5.10-0.0.1 - link atomic for ix86 build Livy Ge 1:11.0.5.10-0 - Update to shenandoah-jdk-11.0.5+10 GA - Switch to GA mode for final release. -...

Security Bulletin: CVE-2019-2949 may affect IBM® SDK, Java™ Technology Edition used in Liberty for Java

Summary CVE-2019-2949 was disclosed in the Oracle October 2019 Critical Patch Update Vulnerability Details CVEID:CVE-2019-2949 DESCRIPTION: An unspecified vulnerability in Java SE related to the Kerberos component could allow an unauthenticated attacker to obtain sensitive information resulting i...

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Digital Business Automation Workflow family products (Java CPU April 2020 plus deferred CVE-2019-2949 and CVE-2020-2654)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow, IBM Business Process Manager, and WebSphere Enterprise Service Bus. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a securi...

IBM Java 7.0 < 7.0.10.55 / 7.1 < 7.1.4.55 / 8.0 < 8.0.6.10 Multiple Vulnerabilities

The version of IBM Java installed on the remote host is prior to 7.0 7.0.10.55 / 7.1 7.1.4.55 / 8.0 8.0.6.10. It is, therefore, affected by multiple vulnerabilities as referenced in the Oracle October 15 2019 CPU advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE...

Amazon Corretto Java 8.x < 8.232.09.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 8 8.232.09.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-8-2019-Oct-15 advisory. - security-libs/javax.net.ssl CVE-2019-2894, CVE-2019-2949 - core-libs CVE-2019-2933 -...

Mageia: Security Advisory (MGASA-2019-0302)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2021-2300)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:2998-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:3084-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:3083-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:1685-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:0025-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:1684-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affects IBM Storwize V7000 Unified

Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by IBM Storwize V7000 Unified. Vulnerability Details CVEID: CVE-2019-2949 DESCRIPTION: An unspecified vulnerability in Java SE related to the Kerberos component could allow an...

Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2021-1310)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: A Security Vulnerability Has Been Identified In IBM® SDK, Java™ Technology Edition shipped with IBM Tivoli Federated Identity Manager (CVE-2019-2949)

Summary IBM® SDK, Java™ Technology Edition is shipped with IBM Tivoli Federated Identity Manager. Information about a security vulnerability affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

CentOS 8 : java-1.8.0-openjdk (CESA-2019:3134)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3134 advisory. - OpenJDK: Missing restrictions on use of custom SocketImpl Networking, 8218573 CVE-2019-2945 - OpenJDK: Improper handling of Kerberos proxy credential...

Security Bulletin: Vulnerability in IBM Java SDK affects IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 7.0.10.50 used by IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise. This issue was disclosed as part of the IBM Java SDK updates in October 2019. Vulnerability Details CVEID: CVE-2019-2949 DESCRIPTION: An...