Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2019 - Includes Oracle Oct 2019 CPU minus CVE-2019-2949

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 SR10-FP55 and Version 8 SR6-FP0 used by IBM Tivoli Application Dependency Discovery Manager TADDM. These issues were disclosed as part of the IBM Java SDK updates in Oct2019. Vulnerability Details...

MiracleLinux 7 : java-11-openjdk-11.0.5.10-0.el7 (AXSA:2019-4349:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4349:04 advisory. OpenJDK: Improper handling of Kerberos proxy credentials Kerberos, 8220302 CVE-2019-2949 OpenJDK: Unexpected exception thrown during regular...

Security Bulletin: Java vulnerabilities affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in Java SE affects IBM SAN Volume Controller, IBM Storwize V7000, V5000, V5100, V3700 and V3500, IBM Spectrum Virtualize Software, IBM Spectrum Virtualize for Public Cloud and IBM FlashSystem V9000 and 9100 family products. The applicable vulnerabilities are CVE-2019-2989...

K55136511: Java SE vulnerabilities CVE-2019-2978 and CVE-2019-2989

Security Advisory Description CVE-2019-2978 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows...

Security Bulletin: Oct 2019 : Multiple vulnerabilities in IBM Java Runtime affect IBM CICS TX on Cloud

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8.0 used by IBM CICS TX on Cloud. IBM CICS TX on Cloud has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2019-2989 DESCRIPTION: An unspecified vulnerability in Java SE could allow an...

Security Bulletin: CVE-2019-2989 vulnerabilitiy in IBM Java Runtime affects IBM Integration Designer used in IBM Business Automation Workflow and IBM Business Process Manager

Summary A vulnerabilitiy exists in IBM® Runtime Environment Java™ Versions 7 and 8 used by IBM Integration Designer. IBM Integration Designer has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2019-2989 DESCRIPTION: An unspecified vulnerability in Java SE could allow an...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM InfoSphere Global Name Management (CVE-2019-2989, CVE-2019-2978, CVE-2019-2983)

Summary There are multiple vulnerabilities in the IBM Java SDK that is used by IBM WebSphere Application Server shipped as part of IBM InfoSphere Global Name Management. Vulnerability Details Refer to the security bulletinss listed in the Remediation/Fixes section Affected Products and Versions...

Amazon Corretto Java 8.x < 8.232.09.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 8 8.232.09.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-8-2019-Oct-15 advisory. - security-libs/javax.net.ssl CVE-2019-2894, CVE-2019-2949 - core-libs CVE-2019-2933 -...

Security Bulletin: Vulnerabilities in IBM Java SDK affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-2989, CVE-2020-2593 and CVE-2019-4732 )

Summary There are vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped and used by IBM Spectrum Control formerly Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates for October 2019 and January 2020. Vulnerability Details CVEID:...

Security Bulletin: Vulnerability in IBM Java Runtime affects IBM Spectrum Protect Snapshot for VMware (CVE-2019-2989)

Summary Vulnerabilities in IBM® Runtime Environment Java™ were disclosed as part of the IBM Java SDK updates in October 2019. IBM® Runtime Environment Java™ is used by IBM Spectrum Protect Snapshot formerly Tivoli Storage FlashCopy Manager for VMware. Updated 18 March 2020: Added link to 4.1.6.9...

Mageia: Security Advisory (MGASA-2019-0302)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Oct 2019 : Multiple vulnerabilities in IBM Java Runtime affect CICS Transaction Gateway

Summary There are multiple vulnerabilities in IBM Runtime Environment Java Versions 7.0, 7.1, and 8.0 used by CICS Transaction Gateway for Multiplatforms CICS TG. CICS TG has addressed the applicable CVEs. Vulnerability Details If you run your own Java code using the IBM Java Runtime delivered wi...

Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2021-2300)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:14263-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:2998-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM DataPower Gateway

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM DataPower Gateway. IBM DataPower Gateway has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2019-2989 DESCRIPTION: An unspecified vulnerability in Java SE could allow an...

EulerOS 2.0 SP3 : java-1.7.0-openjdk (EulerOS-SA-2021-1805)

According to the versions of the java-1.7.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected...

SUSE: Security Advisory (SUSE-SU-2019:3084-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:3083-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:0051-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...