SUSE-SU-2022:4250-1 Security update for java-1_8_0-openj9

This update for java-180-openj9 fixes the following issues: - Update to OpenJDK 8u352 build 08 with OpenJ9 0.35.0 virtual machine, including Oracle October 2022 CPU changes. - CVE-2022-21619: An unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE...

Last Years Open Source - Tomorrow's Vulnerabilities

Linus Torvalds, the creator of Linux and Git, has his own law in software development, and it goes like this: "given enough eyeballs, all bugs are shallow." This phrase puts the finger on the very principle of open source: the more, the merrier - if the code is easily available for anyone and...

Security Bulletin: Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak

Summary Java is used by IBM Robotic Process Automation for Cloud Pak as part of the the container images for services. Vulnerability Details CVEID:CVE-2022-21541 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to cause no...

SUSE SLES15 Security Update : java-1_8_0-openjdk (SUSE-SU-2022:2856-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2856-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported...

Security Bulletin: IBM License Metric Tool, IBM Endpoint Manager for Software Use Analysis and IBM Tivoli Asset Discovery for Distributed Java-related vulnerabilities - October 2014

Summary IBM License Metric Tool, IBM Endpoint Manager for Software Use Analysis and IBM Tivoli Asset Discovery for Distributed are vulnerable to attacks related to Java vulnerabilites. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability...

SUSE SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2022:2819-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2819-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported...

Security Bulletin: IBM DataPower Gateway affected by multiple vulnerabilities in Java

Summary While core IBM DataPower Gateway does not use Java, certain components shipped with IDG may be vulnerable. IBM has addressed the CVEs. Vulnerability Details CVEID:CVE-2022-21434 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an...

Vulnerabilities fixed in IBM Rational ClearCase

IBM has fixed several vulnerabilities. The vulnerabilities are in the Java components of IBM Rational ClearCase. A unauthenticated remote malicious person could exploit the vulnerabilities potentially exploit them to cause a denial-of-service or obtain obtain sensitive information. IBM has made...

Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2022-5698)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5698 advisory. 1:1.8.0.342.b07-1 - Update to shenandoah-jdk8u342-b07 - Update release notes for shenandoah-8u342-b07. - Print release file during build, which should...

Vulnerabilities fixed in IBM MQ

IBM has fixed multiple vulnerabilities in supporting software supplied with IBM MQ. The vulnerabilities are in Java, Eclipse Jetty and Websphere Liberty and were previously fixed in the individual products. A malicious party could potentially exploit the vulnerabilities to cause a...

Vulnerabilities fixed in Oracle Java SE

Oracle has fixed vulnerabilities in Java SE JDK/JRE and GraalVM Enterprise Edition. The vulnerabilities allow a malicious potentially able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Bypassing security...

AlmaLinux 8 : java-1.8.0-openjdk (ALSA-2022:0307)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:0307 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect Snapshot for VMWare (CVE-2018-12547, CVE-2019-2426)

Summary Multiple vulnerabilities in IBM® Runtime Environment Java™ were disclosed as part of the IBM Java SDK updates in January 2019. IBM® Runtime Environment Java™ is used by IBM Spectrum Protect Snapshot formerly Tivoli Storage FlashCopy Manager for VMware. Vulnerability Details CVEID:...

SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2022:14875-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:14875-1 advisory. - Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported...

Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Java version used in it.(CVE-2021-35560, CVE-2021-35586, CVE-2021-35578, CVE-2021-35564, CVE-2021-35559, CVE-2021-35556, CVE-2021-35565, CVE-2021-35588, CVE-2021-41035)

Summary IBM Rational Build Forge version 8.0 to 8.0.0.20 is affected by the Java version used in it. CVE-2021-35560, CVE-2021-35586, CVE-2021-35578, CVE-2021-35564, CVE-2021-35559, CVE-2021-35556, CVE-2021-35565, CVE-2021-35588, CVE-2021-41035 Vulnerability Details CVEID: CVE-2021-35560...

Vulnerabilities hide in Java

Vulnerabilities have been fixed in Java. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive data Access to system data -=...

SUSE SLED15 / SLES15 Security Update : java-11-openjdk (SUSE-SU-2021:2952-1)

The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2952-1 advisory. - Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Support...

RHEL 7 : java-1.7.1-ibm (RHSA-2021:3293)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3293 advisory. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IB...

Security Bulletin: Streams service for IBM Cloud Pak for Data might be affected by some underlying Java vulnerabilities

Summary Streams service for IBM Cloud Pak for Data might be affected by some underlying Java vulnerabilities Vulnerability Details CVEID: CVE-2021-2161 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no...

SUSE: Security Advisory (SUSE-SU-2015:1509-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...