Security Bulletin: Multiple vulnerabilities in IBM SDK, Java technology affect IBM Tivoli Composite Application Manager for Transactions (Response Time)

Summary IBM SDK, Java Technology Edition is used by IBM Tivoli Composite Application Manager for Transactions Response Time Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with...

Oracle Java SE Multiple Vulnerabilities (April 2025 CPU)

The versions of Java installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2025 CPU advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JavaFX gstreamer. Supported versions that are...

Oracle Java SE Multiple Vulnerabilities (Apr 2025) - Linux

Oracle Java SE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerabilities in Java SE (component: Hotspot: CVE-2024-10917, CVE-2024-21235, CVE-2024-21217, CVE-2024-21210, CVE-2024-21208) affect IBM PowerVM Novalink.

Summary Java SE component: Hotspot is used by IBM PowerVM Novalink. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete...

Medium: java-23-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12...

Security Bulletin: Security vulnerabilities in Java SE shipped with IBM CICS TX Standard.

Summary There are multiple vulnerabilities in the Java SE version that is shipped with IBM CICS TX Standard. An update to IBM CICS TX Standard has been released to address these vulnerabilities. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot...

Security Bulletin: Security vulnerabilities in Java SE shipped with  IBM CICS TX Advanced.

Summary There are multiple vulnerabilities in the Java SE version shipped with IBM CICS TX Advanced. An update to IBM CICS TX Advanced has been released to address these vulnerabilities. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult...

ROS-20250226-09

Vulnerabilities in the Hotspot components of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines are related to flaws in the authorization mechanism. for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to a flaw...

Security Bulletin: Vulnerabilities in Java SE affects IBM watsonx Assistant for IBM Cloud Pak for Data

Summary Potential vulnerabilities in Java SE has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerabilities have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-21208 DESCRIPTION: Vulnerability in Java SE...

Security Bulletin: Vulnerability with Eclipse Jetty, e2fsprogs, dnsjava , Apache Commons IO, Apache HTTP Server and Java SE affect IBM Cloud Object Storage Systems (Dec 2024)

Summary Vulnerability with Eclipse Jetty CVE-2024-9823, CVE-2024-6763, CVE-2024-8184, e2fsprogs CVE-2022-1304 dnsjava CVE-2024-25638, Apache Commons IO. CVE-2024-47554 , Apache HTTP ServerCVE-2024-40725 and Java SE CVE-2024-21217,CVE-2024-21235, CVE-2024-21210. This vulnerability has been address...

Security Bulletin: Multiple vulnerabilities in IBM® Semeru Runtime affect IBM Tivoli Netcool Impact

Summary There are multiple vulnerabilities in IBM® Semuru Runtime used by IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-20932 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could...

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in IBM SDK

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of IBM SDK Vulnerability Details CVEID:CVE-2024-21147 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause high confidentiality, high integrity...

Oracle Java SE Multiple Vulnerabilities (January 2025 CPU)

The 8u431, 11.0.26, 17.0.14, 20.3.16, 21.0.5, 21.3.12, 23.0.2, and perf versions of Java installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2025 CPU advisory. - Vulnerability in Oracle Java SE component: Install Sparkle. The supported version that i...

Security Bulletin: Multiple vulnerabilities in IBM MQ affect IBM Robotic Process Automation for Cloud Pak

Summary Multiple vulnerabilities in IBM MQ affect IBM Robotic Process Automation for Cloud Pak. IBM MQ is used as base imaged for IBM Robotic Process Automation for Cloud Pak messaging. This bulletin identifies the fixes required to address these vulnerabilites. Vulnerability Details...

Security Bulletin: Financial Transaction Manager v4 is impacted by multiple vulnerabilities in IBM Java SE

Summary Multiple vulnerabilities were addressed in Financial Transaction Manager v4.0.6.0 iFix4 Vulnerability Details CVEID:CVE-2024-21147 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause high confidentiality, high integrity...

Security Bulletin: IBM Sterling Connect:Direct Web Services is affected by multiple IBM JRE vulnerabilites

Summary IBM Sterling Connect:Direct Web Services uses IBM java. An unspecified vulnerability in Java SE related to the 2D component could allow a remote attacker to cause low confidentiality, low integrity impacts. Vulnerability Details CVEID:CVE-2024-21145 DESCRIPTION: An unspecified vulnerabili...

Medium: java-11-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12...

Medium: java-1.8.0-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12...

ROS-20240801-04

A vulnerability in the JSSE component of the Java SE software platform and Oracle GraalVM for JDK virtual machine is related to errors in certificate authentication procedure. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service A vulnerability in the CORBA...

ROS-20240730-16

A vulnerability in the Hotspot component of the Oracle Java SE software platform and Oracle GraalVM Virtual Machines for JDK and Oracle GraalVM Enterprise Edition exists due to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to impact the...