Security Bulletin: Vulnerability in IBM Java SDK may affect IBM Storage Scale (CVE-2023-22045)

Summary There is a vulnerability in IBM SDK Java Technology Edition, used by IBM Storage Scale. Fix for this issue is available in all versions. Vulnerability Details CVEID:CVE-2023-22045 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacke...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM Storage Scale

Summary There is a vulnerability in IBM SDK Java Technology Edition, used by IBM Storage Scale. This issue was disclosed as part of the IBM Java SDK updates in April 2023. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Application Performance Management products

Summary IBM Java SDK is used by IBM Application Performance Management. Vulnerability Details CVEID:CVE-2023-30441 DESCRIPTION: IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Functional Tester. Rational Functional Tester has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-22045 DESCRIPTION: An...

ai.foxpay.api:foxpay-sdk (>=1.0 <=1.1), ai.genauth:genauth-java-sdk (=3.1.11) +2275 more potentially affected by CVE-2023-42278 via cn.hutool:hutool-core (>=4.0.0 <=5.8.21)

cn.hutool:hutool-core MAVEN version =4.0.0, =1.0, =j8.2.2.0, =j8.2.2.0, =Finchley.SR2.SR1, =Finchley.SR4, =j8.2.2.0, =Finchley.SR2.SR1, =Finchley.SR2.SR1, =Finchley.SR4, =j8.2.2.0, =j8.2.2.0, =1.0.2, =1.0.4 and more Source cves: CVE-2023-42278 Source advisory: OSV:GHSA-RR66-QH5M-W6MX...

ai.foxpay.api:foxpay-sdk (>=1.0 <=1.1), ai.genauth:genauth-java-sdk (=3.1.11) +2275 more potentially affected by CVE-2023-42277 via cn.hutool:hutool-core (>=4.0.0 <=5.8.21)

cn.hutool:hutool-core MAVEN version =4.0.0, =1.0, =j8.2.2.0, =j8.2.2.0, =Finchley.SR2.SR1, =Finchley.SR4, =j8.2.2.0, =Finchley.SR2.SR1, =Finchley.SR2.SR1, =Finchley.SR4, =j8.2.2.0, =j8.2.2.0, =1.0.2, =1.0.4 and more Source cves: CVE-2023-42277 Source advisory: OSV:GHSA-7P8C-CRFR-Q93P...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Business Service Manager (Multiple CVEs)

Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: A...

Security Bulletin: Vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Service Tester

Summary There are vulnerabilities in IBM SDK Java Technology Edition, Version 1.8 and IBM Runtime Environment Java Version 1.8 used by Rational Service Tester. Rational Service Tester has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified...

Security Bulletin: Vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Performance Tester

Summary There are vulnerabilities in IBM SDK Java Technology Edition, Version 1.8 and IBM Runtime Environment Java Version 1.8 used by Rational Performance Tester. Rational Performance Tester has addressed the applicable vulnerabilities. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affect WebSphere Service Registry and Repository due to July 2023 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, used by WebSphere Service Registry and Repository. These issues were disclosed as part of the IBM Java SDK updates in July 2023. These issues are addressed by WebSphere Application Server shipped with WebSphere Servi...

Security Bulletin: IBM Java SDK update forJava deserialization filters (JEP 290) ignored during IBM ORB deserialization

Summary There are vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 8 for Java deserialization filters JEP 290 ignored during IBM ORB deserialization that are used by Rational Software Architect Designer and Rational Software Architect Designer for Websphere Software. These issues we...

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty, which are used in IBM Security Guardium Key Lifecycle Manager

Summary WebSphere Application Server and IBM WebSphere Application Server Liberty is shipped as a component of IBM Security Guardium Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server and IBM WebSphere Application Server Liberty has...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2022-40609)

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to arbitrary code execution due to an unsafe deserialization flaw (CVE-2022-40609).

Summary IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by IBM i are vulnerable to an attacker executing arbitrary code due to an unsafe deserialization flaw as described in the vulnerability details section. The vulnerability is fixed by applying an IBM i Group PTF for...

Security Bulletin: Vulnerabilities in Oracle Java and the IBM Java SDK (CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968 and CVE-2023-21937 ) affect Power HMC

Summary IBM SDK, JAVA is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an...

Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to denial of service, availability, integrity, and confidentiality impacts due to multiple vulnerabilities.

Summary IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by IBM i are vulnerable to denial of service, availability, integrity, and confidentiality impacts as described in the vulnerability details section CVE-2022-21426, CVE-2023-2597, CVE-2023-21830, CVE-2023-21843,...

Security Bulletin: Vulnerability in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester

Summary There is vulnerability in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Functional Tester. Rational Functional Tester has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-40609 DESCRIPTION: IBM SDK, Java...

Security Bulletin: Vulnerability in IBM Java SDK affects WebSphere Service Registry and Repository (CVE-2022-40609)

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about a vulnerability in the IBM SDK, Java Technology Edition that is shipped with IBM WebSphere Application Server has been published in a security bulletin. Vulnerability...

Security Bulletin: Vulnerability in IBM® Java SDK affects IBM Liberty for Java for IBM Cloud due to CVE-2022-40609

Summary There is a vulnerability in the IBM® SDK, Java™ Technology Edition that is shipped with IBM Liberty for Java for IBM Cloud. The CVEs listed in this document might affect some configurations of IBM Liberty for Java for IBM Cloud. This product has addressed the applicable CVE. If you run yo...

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server shipped with IBM Business Automation Workflow containers - April 2023 CPU

Summary IBM Business Automation Workflow containers package IBM® Java SDK 8 V21.0.3 or IBM® Semeru Runtime 11 V23.0.1. Information about security vulnerabilities in these Java runtumes have been published. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in...