JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (JSSE)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JSSE. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

Security update for java-11-openjdk (moderate)

This java-11-openjdk update to version jdk-11+24 fixes the following issues: Security issues fixed: - CVE-2018-2940: Fix unspecified vulnerability in subcomponent Libraries bsc1101645. - CVE-2018-2952: Fix unspecified vulnerability in subcomponent Concurrency bsc1101651. - CVE-2018-2972: Fix...

openSUSE Security Update : java-11-openjdk (openSUSE-2018-830)

This java-11-openjdk update to version jdk-11+24 fixes the following issues : Security issues fixed : - CVE-2018-2940: Fix unspecified vulnerability in subcomponent Libraries bsc1101645. - CVE-2018-2952: Fix unspecified vulnerability in subcomponent Concurrency bsc1101651. - CVE-2018-2972: Fix...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Developer for i, Rational Developer for AIX and Linux, Rational Developer for Power Systems Software (CVE-2014-4263, CVE-2014-3566, CVE-2014-3065, CVE-2014-6457)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Versions 6, and 7 that are used by Rational Developer for i, Rational Developer for AIX and Linux, Rational Developer for Power Systems Software. This also includes a fix for the Padding Oracle On Downgraded Legacy...

Security Bulletin: Multiple vulnerabilities in the IBM Runtime Environments Java Technology Edition, Versions 6 and 7 in TPF Toolkit (CVE-2015-0204, CVE-2015-0478, CVE-2015-0488, CVE-2015-1916, CVE-2015-4000)

Summary Multiple security vulnerabilities exist in the IBM® Runtime Environments Java™ Technology Edition, Versions 6 and 7 that are shipped in TPF Toolkit. Vulnerability Details CVEID: CVE-2015-0204 DESCRIPTION: A vulnerability in the OpenSSL ssl3getkeyexchange function could allow a remote...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect TPF Toolkit (CVE-2015-1931, CVE-2015-2601, CVE-2015-2613, CVE-2015-2625, CVE-2015-4872)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7 that is used by TPF Toolkit. These issues were disclosed as part of the IBM Java Runtime updates in July 2015 and October 2015. Vulnerability Details CVEID: CVE-2015-1931 DESCRIPTION: IBM Ja...

RHEL 7 : java-1.7.0-oracle (RHSA-2018:2254)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2254 advisory. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades...

JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (JSSE)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JSSE. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

Oracle Java SE Multiple Vulnerabilities (July 2018 CPU) (Unix)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 10 Update 2, 8 Update 181, 7 Update 191, or 6 Update 201. It is, therefore, affected by multiple vulnerabilities related to the following components : - Concurrency. A difficult to exploit...

Oracle Java SE Multiple Vulnerabilities (July 2018 CPU)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 10 Update 2, 8 Update 181, 7 Update 191, or 6 Update 201. It is, therefore, affected by multiple vulnerabilities related to the following components : - Concurrency. A difficult to exploit...

CVE-2018-2973

CVE-2018-2973 is an Oracle Java SE/JSSE vulnerability affecting Java SE: 6u191, 7u181, 8u172, 10.0.1 and Java SE Embedded: 8u171. It can be exploited over the network with SSL/TLS by an unauthenticated attacker to cause unauthorized data modifications (integrity impact). Affected deployments load...

CVE-2018-2973

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JSSE. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM WebSphere Application Server Community Edition 3.0.0.4 related to Java Technology Edition Quarterly CPU - January 2015(CVE-2015-0383,CVE-2014-3566,CVE-2014-6593 and CVE-2015-0410)

Summary Multiple security vulnerabilities exist in IBM SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server Community 3.0.0.4. Vulnerability Details CVE-ID: CVE-2015-0383 DESCRIPTION: An unspecified vulnerability in Oracle Java SE and JRockit related to the Hotspot...

Security Bulletin: Vulnerabilities in IBM Java SDK affect IBM System Storage Storwize V7000 Unified (CVE-2014-6512 and CVE-2014-6457)

Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by IBM System Storage Storwize V7000 Unified. This issue was disclosed as part of the IBM Java SDK updates in October 2014. Vulnerability Details CVEID: CVE-2014-6512 DESCRIPTION: A...

Security Bulletin: Multiple vulnerabilities in IBM Cloud Orchestrator, IBM Cloud Orchestrator Enterprise, and products shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise

Summary Multiple vulnerabilities have been identified in IBM Cloud Orchestrator, IBM Cloud Orchestrator Enterprise, and in supporting products shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise. Vulnerability Details This security bulletin covers multiple vulnerabilities in...

Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition

Summary Java SE issues disclosed in the Oracle July 2015 Critical Patch Update, plus CVE-2015-1931 Vulnerability Details CVE IDs: CVE-2015-2613 CVE-2015-2601 CVE-2015-4749 CVE-2015-2625 CVE-2015-1931 DESCRIPTION: This bulletin covers all applicable Java SE CVEs published by Oracle as part of thei...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK including Logjam affect IBM Tivoli System Automation Application Manager (CVE-2015-4000, CVE-2015-2613, CVE-2015-2601, CVE-2015-2625, CVE-2015-1931, CVE-2015-4749)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 5 and 7 that is used by IBM Tivoli System Automation Application Manager. These issues were disclosed as part of the IBM Java SDK updates in July 2015. This bulletin also addresses the Logjam Attack on TLS...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK including Logjam affect IBM Tivoli System Automation for Multiplatforms (CVE-2015-4000, CVE-2015-2613, CVE-2015-2601, CVE-2015-2625, CVE-2015-1931, CVE-2015-4749)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 5 and 7 that is used by IBM Tivoli System Automation for Multiplatforms. These issues were disclosed as part of the IBM Java SDK updates in July 2015. This bulletin also addresses the Logjam Attack on TLS...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affect WebSphere Application Server April 2015 CPU shipped with Tivoli Netcool Performance Manager

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server as a component of IBM Tivoli Network Performance Manager . These issues were disclosed as part of the IBM Java SDK updates in April 2015. Vulnerability Details CVE...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime (April 2015)

Summary Addresses multiple vulnerabilities disclosed as part of the IBM Java SDK updates in April 2015. Vulnerability Details There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition, Version 6 that is used by Tivoli Composite Application Manager for SOA. These issues...