Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

Summary IBM Security Guardium has fixed these vulnerabilities. Vulnerability Details CVEID: CVE-2021-35560 DESCRIPTION: An unspecified vulnerability in Java SE related to the Deployment component could allow an unauthenticated attacker to take control of the system. CVSS Base score: 7.5 CVSS...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2021and Jan 2022

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 8 that are used by Rational Software Architect Designer and Rational Software Architect Designer for Websphere Software. These issues were disclosed as part of the IBM Java SDK updates in Oct 2021 and Jan 20...

Security Bulletin: IBM SDK, Java Technology Edition, Security Update October 2021

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 8 that are used by Rational Application Developer®. These issues were disclosed as part of the IBM Java SDK updates in October 2021. IBM 8 Fix SR7 FP5 8.0.7.5. Vulnerability Details CVEID: CVE-2021-41035 DESCRIPTION:...

IBM Java 7.0 < 7.0.10.65 / 7.1 < 7.1.4.65 / 8.0 < 8.0.6.25 Multiple Vulnerabilities

The version of IBM Java installed on the remote host is prior to 7.0 7.0.10.65 / 7.1 7.1.4.65 / 8.0 8.0.6.25. It is, therefore, affected by multiple vulnerabilities as referenced in the Oracle April 14 2020 CPU advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE...

Security Bulletin: The IBM® Runtime Environments Java™ version shipped with IBM MDM SE engine, Workbench, and Brokers may not address all security vulnerabilities

Summary IBM® Runtime Environment Java™ Technology Edition, Version 1.6 shipped with IBM MDM SE engine, Workbench, and Brokers contains multiple vulnerabilities. IBM MDM SE engine, Workbench, and Brokers has addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2015-0138 DESCRIPTION: A...

Security Bulletin: Vulnerability in IBM Java SDK affect IBM WebSphere Cast Iron Solution & App Connect Professional

Summary This vulnerability was disclosed as part of the IBM Java SDK updates in October 2021 , IBM WebSphere Cast Iron Solution & App Connect Professional have addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-35550 DESCRIPTION: An unspecified vulnerability in Java SE related to...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Integration Bus and IBM App Connect Enterprise

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition used by IBM Integration Bus & IBM App Connect Enterprise. These issues were disclosed as part of the IBM Java SDK updates in October 2021. Vulnerability Details CVEID: CVE-2021-35578 DESCRIPTION: An unspecified...

Amazon Corretto Java 11.x < 11.0.6.10.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 11 11.0.6.10.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-11-2020-Jan-15 advisory. - Serialization CVE-2020-2583, CVE-2020-2604 - Security CVE-2020-2590, CVE-2020-2601 - Networking...

Amazon Corretto Java 11.x < 11.0.4.11.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 11 11.0.4.11.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-11-2019-Jul-16 advisory. - Security CVE-2019-2745, CVE-2019-2786, CVE-2019-2818 - Utilities CVE-2019-2762, CVE-2019-2769 -...

Amazon Corretto Java 8.x < 8.242.07.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 8 8.242.07.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-8-2020-Jan-14 advisory. - OpenJFX libxslt CVE-2019-13117, CVE-2019-13118 - OpenJFX SQLite CVE-2019-16168 - Serialization...

Security Bulletin: Vulnerability in IBM Java JRE affects IBM InfoSphere Identity Insight (CVE-2021-35578)

Summary A vulnerability in the IBM Java JRE affects IBM InfoSphere Identity Insight. An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM WebSphere Cast Iron Solution & App Connect Professional

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology used by IBM WebSphere Cast Iron Solution & App Connect Professional. These issues were disclosed as part of the IBM Java SDK updates in October 2021 , IBM WebSphere Cast Iron Solution & App Connect Professional have addressed...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect SPSS Collaboration and Deployment Services

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 and 8 used by SPSS Collaboration and Deployment Services. These issues were disclosed as part of the IBM Java SDK updates. Vulnerability Details CVEID: CVE-2021-35550 DESCRIPTION: An unspecified vulnerability i...

RHEL 8 : java-1.8.0-ibm (RHSA-2022:0970)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0970 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

RHEL 7 : java-1.8.0-ibm (RHSA-2022:0968)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0968 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

Security Bulletin: A vulnerability in Java SE affects IBM Control Center (CVE-2021-35603)

Summary A number of operations in the JSSE component are implemented in a way that means they could be exploited by anattacker in a side-channel attack due to timing differences. The fix ensures that the operations complete in constant-time. Vulnerability Details CVEID: CVE-2021-35603 DESCRIPTION...

Security Bulletin: A vulnerability in IBM® SDK, Java™ may affect IBM Decision Optimization Center (CVE-2021-35603)

Summary There is a vulnerability in IBM® Java™ versions 7 & 8 used by IBM Decision Optimization Center. IBM Decision Optimization Center has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-35603 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component...

Security Bulletin: CVE-2021-35603 may affect IBM® SDK, Java™ Technology Edition

Summary CVE-2021-35603 was disclosed as part of the Oracle October 2021 Critical Patch Update. Vulnerability Details CVEID: CVE-2021-35603 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain sensitive information...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Content Collector for SAP Applications

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Java™ Version 7 and Java™ Version 8 that is used by IBM Content Collector for SAP Applications. These issues were disclosed as part of the IBM Java SDK updates in Oct 2021. Vulnerability Details CVEID: CVE-2021-35578...

Security Bulletin: February 2022 :Multiple vulnerabilities in IBM Java Runtime affect CICS Transaction Gateway

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7.0, 7.1 and 8.0 used by CICS Transaction Gateway. CICS Transaction Gateway has addressed the applicable CVEs. If you run your own Java code using the IBM Java Runtime delivered with this product, you should...