Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7.0.10.30 and Version 8.0.5.20 used by Rational Functional Tester RFT version 8.3.0 - 8.6.0.6 and 8.6.0.7 - 9.2.0.1. RFT has addressed the applicable CVEs. Vulnerability Details Rational Functional Tester has...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affecting Rational Functional Tester

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7.0.10.30 and Version 8.0.5.20 used by Rational Functional Tester RFT version 8.3.0 - 8.6.0.6 and 8.6.0.7 - 9.2.1. RFT has addressed the applicable CVEs. Vulnerability Details Rational Functional Tester has...

aero.champ:cargojson (=1.0), ai.chronon:aggregator_2.11 (>=0.0.1 <=thread_contention-0.0.23-dev3) +22220 more potentially affected by CVE-2018-19362 via com.fasterxml.jackson.core:jackson-databind (>=2.9.0 <=2.9.7)

com.fasterxml.jackson.core:jackson-databind MAVEN version =2.9.0, =0.0.1, =0.0.6, =0.0.1, =local, =0.0.6, =0.0.1, =0.0.1, =0.0.6, =0.0.1, =0.1.2, =1.3.0, =1.4.3 and more Source cves: CVE-2018-19362 Source advisory: OSV:GHSA-C8HM-7HPQ-7JHG...

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server shipped with IBM Security Key Lifecycle Manager October 2018 CPU

Summary There are multiple vulnerabiltities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. WebSphere Application Server is shipped as a component of IBM Security Key Lifecycle Manager. Vulnerability Details Please consult the security bulletin...

Security Bulletin: IBM Content Classification is affected by IBM SDK, Java Technology Edition Quarterly CPU - Jul 2018 - Includes Oracle Jul 2018 CPU

Summary There is vulnerability in IBM® SDK Java Technology Edition, Version 6 used by IBM Content Classification. These issues were disclosed as part of the IBM Java SDK updates in Jul 2018. Vulnerability Details CVEID: CVE-2018-2973 DESCRIPTION: An unspecified vulnerability in Oracle Java SE...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Netcool Impact

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6, 8 used by IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable CVEs. These issues were also addressed by IBM WebSphere Application Server shipped with IBM Tivoli Netcool Impact...

Security Bulletin: Multiple vulnerabilities in IBM® Java™ SDK and IBM® Java™ Runtime affect IBM® Intelligent Operations Center products

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6, 7, and 8, and IBM® Runtime Environment Java™, Versions 6, 7, and 8 that are used by IBM® Intelligent Operations Center, IBM® Intelligent Operations Center for Emergency Management, and IBM® Water Operatio...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affects WebSphere Application Server in IBM Cloud October 2018 CPU

Summary There are multiple vulnerabiltities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the IBM Java SDK updates in October 2018. These may affect some configurations of IBM WebSphere Application Server Traditional...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Cast Iron (aka App Connect Professional)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 SR10 FP25 used by IBM Cast Iron. IBM Cast Iron has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2018-1517 DESCRIPTION: A flaw in the java.math component in IBM SDK, Java Technology Editio...

Security Bulletin: Multiple security vulnerabilities affect Liberty for Java for IBM Cloud

Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition that is shipped with Liberty for Java for IBM Cloud. These issues were disclosed as part of the IBM Java SDK updates in October 2018. These may affect some configurations of IBM WebSphere Application Server Libert...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Versions 7, 7.1, 8 that are used by AIX. These issues were disclosed as part of the IBM Java SDK updates in October 2018. Vulnerability Details CVEID: CVE-2018-3139 DESCRIPTION: An unspecified vulnerability in Oracle...

Multiple vulnerabilities in IBM Java SDK affect AIX

IBM SECURITY ADVISORY First Issued: Fri Dec 14 12:06:34 CST 2018 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/javaoct2018advisory.asc https://aix.software.ibm.com/aix/efixes/security/javaoct2018advisory.asc...

Security Bulletin: Multiple Vulnerabilities in IBM Java SDK Affect IBM Emptoris Strategic Supply Management Suite of Products and IBM Emptoris Services Procurement

Summary The IBM Emptoris Strategic Supply Management suite of products are affected by multiple security vulnerabilities that exist in the IBM SDK Java Technology Edition that is shipped with IBM WebSphere Application Server. The security bulletin includes issues that were disclosed as part of th...

Security Bulletins for Emptoris Services Procurement

Question Security Bulletins for Emptoris Services Procurement Answer This article tracks all Security Bulletins for Emptoris Services Procurement. IBM's Product Security Incident Response Team PSIRT follows the NIST guidelines for determining the severity rating of the reported vulnerability - se...

Security Bulletins for Emptoris Spend Analysis

Question Security Bulletins for Emptoris Spend Analysis Answer This article tracks all Security Bulletins for Emptoris Spend Analysis. IBM's Product Security Incident Response Team PSIRT follows the NIST guidelines for determining the severity rating of the reported vulnerability - see "NVD...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affects WebSphere Application Server October 2018 CPU that is bundled with IBM WebSphere Application Server Patterns

Summary There are multiple vulnerabiltities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the IBM Java SDK updates in October 2018. Vulnerability Details For information on the IBM Java SDK that is now bundled with...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Algo One

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 and 8 used by IBM Algo One. IBM Algo One has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2018-12539 DESCRIPTION: Eclipse OpenJ9 could allow a local attacker to gain elevated privileges o...

Security Bulletin: Multiple Security Vulnerabilities exist in IBM Cognos TM1 (CVE-2018-1656, CVE-2018-0732, CVE-2018-12539)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 used by IBM Cognos TM1. These issues were disclosed as part of the IBM Java SDK updates in July 2018. An Open Source OpenSSL vulnerabilitiy has also been addressed. Vulnerability Details If you run your own Jav...

Security Bulletin: Multiple Security Vulnerabilities exist in IBM Cognos Insight (CVE-2018-1656, CVE-2018-0732, CVE-2018-12539, )

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 used by IBM Cognos Insight. These issues were disclosed as part of the IBM Java SDK updates in July 2018. An Open Source OpenSSL vulnerability has also been addressed. Vulnerability Details If you run your own...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM QRadar SIEM

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 and IBM® Runtime Environment Java™ Version 8 used by IBM QRadar SIEM. IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2018-12539 Description: Eclipse OpenJ9 could allow a...