Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect API Connect

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ used by IBM API Connect. These issues were disclosed as part of the IBM Java SDK updates in January 2017 and April 2017. Vulnerability Details CVEID: CVE-2016-5546 DESCRIPTION: An unspecified vulnerability related to the...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect WebSphere Extreme Scale

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6, 7 and 8 used by WebSphere Extreme Scale. These issues were disclosed as part of the IBM Java SDK updates in January 2017 and April 2017. Vulnerability Details If you run your own Java code using the IBM Java...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect WebSphere DataPower XC10 Appliance

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6 and 7 that affect the WebSphere DataPower XC10 Appliance. These issues were disclosed as part of the IBM Java SDK updates in Jan 2017. Vulnerability Details CVEID: CVE-2016-5548 DESCRIPTION: An unspecified...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM® Development Package for Apache Spark

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8.0 that is used by IBM Development Package for Apache Spark. These issues are disclosed as part of the IBM Java SDK updates in April 2017. IBM Development Package for Apache Spark is providing an IBM Java SD...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Support Assistant Team Server

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8.0 used by IBM Support Assistant Team Server. These issues were disclosed as part of the IBM Java SDK updates in Jan 2017. Vulnerability Details If you run your own Java code using the IBM Java Runtime deliver...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect WebSphere DataPower XC10 Appliance (CVE-2016-5597)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6, 7 and 8 used by affect WebSphere DataPower XC10 Appliance. These issues were disclosed as part of the IBM Java SDK updates in October 2016. Vulnerability Details CVEID: CVE-2016-5597 DESCRIPTION: An unspecifie...

Security Bulletin: A vulnerability in Java runtime from IBM affects IBM WebSphere MQ and IBM MQ Appliance (CVE-2016-5597)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7 and 8 used by IBM WebSphere MQ and the IBM MQ Appliance. These issues were disclosed as part of the IBM Java SDK updates in October 2016. Vulnerability Details If you run your own Java code using the Java...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM MQ Light

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 Service Refresh 9 Fix Pack 60 and earlier releases, IBM® Runtime Environment Java™ Version 7R1 Service Refresh 3 Fix Pack 60 and earlier releases, and IBM® Runtime Environment Java™ Version 8 Service Refresh 3...

Security Bulletin: Multiple security vulnerabilities affect Liberty for Java for IBM Bluemix (CVE-2016-5573, CVE-2016-5597, CVE-2016-5983)

Summary There are multiple vulnerabiltities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed as part of the IBM SDK for Java updates in October 2016. These may affect some configurations of IBM WebSphere Application Server...

Security Bulletin: Vulnerability in IBM Java Runtime affects IBM MQ Light (CVE-2016-3485)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 8 and earlier releases that is used by IBM MQ Light. This issue was disclosed as part of the IBM Java SDK updates in July 2016. IBM MQ Light 1.0.6 has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2016-348...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM MQ Light (CVE-2016-3426)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 Service Refresh 9 Fix Pack 31 and earlier releases, and IBM® Runtime Environment Java™ Version 7R1 Service Refresh 3 Fix Pack 31 and earlier releases, that is used by IBM MQ Light. These issues were disclosed a...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM WebSphere Appliance Management Center (CVE-2016-3426)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 that is used by IBM WebSphere Appliance Management Center. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details CVEID: CVE-2016-3426 DESCRIPTION: An unspecified...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect WebSphere DataPower XC10 Appliance (CVE-2016-3427, CVE-2016-3426)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 6 and 7 that are used by WebSphere DataPower XC10 Appliance. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details CVEID: CVE-2016-3427...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect WebSphere eXtreme Scale (CVE-2016-3427, CVE-2016-3426)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 6 and 7 that are used by WebSphere eXtreme Scale. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details CVEID: CVE-2016-3427 DESCRIPTION: An...

Security Bulletin: Vulnerabilities in IBM Java Runtime affects CICS Transaction Gateway (CVE-2016-0363 and CVE-2016-0636).

Summary There are vulnerabilities in IBM® SDK Java™ Runtime Environments JREs, Versions 6, 7, 7R1 & 8 shipped with CICS Transaction Gateway to enable customers to run CICS TG Java client applications. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM WebSphere MQ (CVE-2016-0264, CVE-2016-3426 and CVE-2016-3427)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 6 and 7 that are used by IBM WebSphere MQ. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details If you run your own Java code using the IBM Java Runtime delivered...

Security Bulletin: Vulnerability in IBM Java Runtime affects IBM WebSphere MQ (CVE-2015-7575)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Versions 6 & 7 that is used by IBM WebSphere MQ. This vulnerability, commonly referred to as “SLOTH”, was disclosed as part of the IBM Java SDK updates in January 2016. Vulnerability Details CVEID: CVE-2015-757...

Security Bulletin: Vulnerability in IBM Java Runtime affects IBM WebSphere MQ Internet Pass-Thru (CVE-2015-7575)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Version 7 that is used by IBM MQ Internet Pass-Thru. This vulnerability, commonly referred to as “SLOTH”, was disclosed as part of the IBM Java SDK updates in January 2016. Patches for these are available in IB...

Security Bulletin: Vulnerability in IBM Java Runtime affect IBM WebSphere Appliance Management Center (CVE-2015-7575)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by IBM WebSphere Appliance Management Center. This vulnerability, commonly referred to as “SLOTH”, was disclosed as part of the IBM Java SDK updates in January 2016. Vulnerability Details...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect WebSphere DataPower XC10 Appliance (CVE-2016-0475, CVE-2015-7575, CVE-2016-0448)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 6 and 7 that are used by WebSphere DataPower XC10 Appliance. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred t...