Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition

Summary This bulletin covers all applicable Java SE CVEs published by Oracle as part of their April 2022 Critical Patch Update, except for CVE-2022-21426 which will be described in a future bulletin. For more information please refer to Oracle's April 2022 CPU Advisory and the X-Force database...

Security Bulletin: IBM MQ Internet Pass-Thru is vulnerable to an issue within IBM® Runtime Environment Java™ Technology Edition, Version 7. (CVE-2021-35588)

Summary IBM MQ Internet Pass-Thru has addressed the following vulnerability in the IBM® Runtime Environment Java™ Technology Edition, Version 7 used by IBM MQ Internet Pass-Thru. Vulnerability Details CVEID: CVE-2021-35588 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM...

Security Bulletin: Multiple vulnerabbilities exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager

Summary Multiple vulnerabilities exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2, which was disclosed in the Oracle January 2022 Critical Patch Update. CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-2134...

Security Bulletin: A vulnerabbility exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager (CVE-2021-35603).

Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2, which was disclosed in the Oracle October 2021 Critical Patch Update Vulnerability Details Refer to the security bulletins listed in the...

Security Bulletin: A vulnerabbility exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Manager (CVE-2021-35603).

Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition v4.2, which was disclosed in the Oracle October 2021 Critical Patch Update Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

Security Bulletin: A vulnerabbility exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Manager (CVE-2021-35550).

Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition v4.2, which was disclosed in the Oracle October 2021 Critical Patch Update. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

Security Bulletin: Due to use of IBM SDK, Java Technology Edition, IBM Tivoli Application Dependency Discovery Manager (TADDM) is vulnerable to denial of service

Summary IBM® SDK Java™ Technology Edition, is used by IBM Tivoli Application Dependency Discovery Manager TADDM and is vulnerable to a denial of service CVE-2021-35550, CVE-35603. Vulnerability Details CVEID: CVE-2021-35550 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE...

Security Bulletin: A vulnerability in IBM Java SDK affects IBM Standards Processing Engine and IBM Transformation Extender Advanced (CVE-2015-4872)

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 7 and 8, that is used by IBM Standards Processing Engine and IBM Transformation Extender Advanced. This issue was disclosed as part of the IBM Java SDK updates for October 2015. Vulnerability Details CVEID: CVE-2015-48...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2021and Jan 2022

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 8 that are used by Rational Software Architect Designer and Rational Software Architect Designer for Websphere Software. These issues were disclosed as part of the IBM Java SDK updates in Oct 2021 and Jan 20...

Security Bulletin: IBM MQ is vulnerable to multiple issues in IBM® Runtime Environment Java™ Technology Edition, Version 8 and Version 7 (CVE-2021-35578, CVE-2021-35588, CVE-2021-41035)

Summary Multiple issues were identified in IBM® Runtime Environment Java™ Technology Edition, Version 8 and IBM® Runtime Environment Java™ Technology Edition, Version 7 which affect IBM MQ. Vulnerability Details CVEID: CVE-2021-35578 DESCRIPTION: An unspecified vulnerability in Java SE related to...

Security Bulletin: IBM SDK, Java Technology Edition, Security Update October 2021

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 8 that are used by Rational Application Developer®. These issues were disclosed as part of the IBM Java SDK updates in October 2021. IBM 8 Fix SR7 FP5 8.0.7.5. Vulnerability Details CVEID: CVE-2021-41035 DESCRIPTION:...

IBM Java 7.0 < 7.0.10.50 / 7.1 < 7.1.4.50 / 8.0 < 8.0.5.40 Multiple Vulnerabilities

The version of IBM Java installed on the remote host is prior to 7.0 7.0.10.50 / 7.1 7.1.4.50 / 8.0 8.0.5.40. It is, therefore, affected by multiple vulnerabilities as referenced in the IBM Security Update July 2019 advisory. - Multiple binaries in IBM SDK, Java Technology Edition 7, 7R, and 8 on...

IBM Java 7.1 < 7.1.4.20 / 8.0 < 8.0.5.10

The version of IBM Java installed on the remote host is prior to 7.1 7.1.4.20 / 8.0 8.0.5.10. It is, therefore, affected by a vulnerability as referenced in the IBM Security Update February 2018 advisory. - Under certain circumstances, a flaw in the J9 JVM IBM SDK, Java Technology Edition 7.1 and...

Security Bulletin: Due to use of IBM SDK, Java Technology Edition, IBM Tivoli Application Dependency Discovery Manager (TADDM) is vulnerable to denial of service

Summary IBM® SDK Java™ Technology Edition, is used by IBM Tivoli Application Dependency Discovery Manager TADDM and is vulnerable to a denial of service CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21294, CVE-2022-21293, CVE-2022-21291,...

Security Bulletin: Vulnerability in Java SE libraries could allow unauthenticated attacker to cause denial of service (CVE-2020-2754, CVE-2020-2755)

Summary An unspecified vulnerability in Java SE related to the Java SE Libraries component used by Global Name Management could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. Vulnerability Details Refer to the...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM InfoSphere Global Name Management (CVE-2020-14621, CVE-2020-14577)

Summary There are two low-impact vulnerabilities in the IBM Java SDK that is used as part of IBM InfoSphere Global Name Management. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- IBM...

Security Bulletin: Vulnerability in Java SE libraries could allow unauthenticated attacker to cause denial of service (CVE-2020-2654)

Summary An unspecified vulnerability in Java SE related to the Java SE Libraries component used in IBM InfoSphere Global Name Management could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. Vulnerability Details...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM InfoSphere Global Name Management (CVE-2019-2989, CVE-2019-2978, CVE-2019-2983)

Summary There are multiple vulnerabilities in the IBM Java SDK that is used by IBM WebSphere Application Server shipped as part of IBM InfoSphere Global Name Management. Vulnerability Details Refer to the security bulletinss listed in the Remediation/Fixes section Affected Products and Versions...

Security Bulletin: Due to use of IBM SDK, Java Technology Edition, IBM Tivoli Application Dependency Discovery Manager (TADDM) is vulnerable to denial of service

Summary IBM® SDK Java™ Technology Edition, is used by IBM Tivoli Application Dependency Discovery Manager TADDM and is vulnerable to a denial of service CVE-2021-35560, CVE-2021-35586, CVE-2021-35578, CVE-2021-35564, CVE-2021-35559, CVE-2021-35556, CVE-2021-35565, CVE-2021-35588, CVE-2021-41035,...

Security Bulletin: Security vulnerabilities have been identified in IBM SDK, Java Technology Edition shipped with IBM Tivoli Federated Identity Manager

Summary IBM SDK, Java Technology Edition is shipped with IBM Tivoli Federated Identity Manager. Information about security vulnerabilities affecting IBM SDK, Java Technology Edition have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the...