RHEL 7 : ibm_jdk (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - IBM JDK: unsafe deserialization flaw in the Object Request Broker ORB CVE-2022-40609 - IBM JDK: Object...

RHEL 6 : ibm_jdk (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - IBM JDK: Information disclosure via calls to System.arraycopy with invalid length CVE-2019-17639 Note that Nessus h...

RHEL 7 : java-1.8.0-ibm (RHSA-2024:0879)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0879 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

RHEL 5 : java-1.4.2-ibm-sap (RHSA-2011:1265)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:1265 advisory. - IBM JDK Class file parsing denial-of-service CVE-2011-0311 - Oracle/IBM JDK: unspecified vulnerabilities fixed in 6u26 Sound CVE-2011-0802...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM® Db2®. (Jan 2024 CPU)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7.1.5.20 and earlier, 8.0.8.15 and earlier used by IBM® Db2®. These issues were disclosed as part of the IBM Java SDK updates in January 2024. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecifie...

Security Bulletin: A vulnerability in IBM Java SDK and IBM Java Runtime affects IBM® Db2® (CVE-2023-30441)

Summary IBM® Runtime Environment Java™ Version 8.0.7.0 through 8.0.7.11 used by IBM® Db2® is vulnerable to information disclosure. The fix for this issue was already published in an earlier bulletin. If you have already applied the appropriate Db2 special build or Java version 8.0.8.6 or higher...

Security Bulletin: IBM Rational Build Forge is vulnerable and could allow an unauthenticated attacker to cause a denial of service due to the use of IBM Java (CVE-2021-35561)

Summary IBM Java is used by IBM Rational Build Forge. The vulnerability CVE-2021-35561 has been identified and addressed. Vulnerability Details CVEID:CVE-2021-35561 DESCRIPTION: An unspecified vulnerability in Java SE related to the Utility component could allow an unauthenticated attacker to cau...

Security Bulletin: IBM Rational Build Forge is vulnerable and could allow unauthenticated attacker to cause multiple impacts due to the use of JNDI component (CVE-2022-21496, CVE-2022-21434, CVE-2022-21443)

Summary IBM JDK used by IBM Rational Build Forge. This fix includes IBM JDK 8.0.7.10 which is based on jdk8u331-b09 Vulnerability Details CVEID:CVE-2022-21496 DESCRIPTION: An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to cause no...

RHEL 8 : java-1.8.0-ibm (RHSA-2023:4103)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4103 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability - IBM JDK 8.0.7.16 and earlier

Summary IBM® Security SOAR includes an older version of IBM JDK that may be identified and exploited. An update has been released which addresses these issues. The version of IBM JDK included in the latest version of IBM Security Soar is 8.0.7.20. Vulnerability Details CVEID:CVE-2022-21628...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability - IBM JDK 8.0.7.11 and earlier

Summary IBM® Security SOAR includes an older version of IBM JDK that may be identified and exploited. An update has been released which addresses these issues. The version of IBM JDK included in the latest version of SOAR App Host and IBM Security Soar is 8.0.7.15. Vulnerability Details...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability - IBM JDK 8.0.6.30 and earlier

Summary Older versions of IBM® Security SOAR 41.1 and earlier include an older version of IBM JDK that may be identified and exploited. Version 8.0.6.30 and earlier of IBM JDK have a known vulnerability. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

RHEL 8 : java-1.8.0-ibm (RHSA-2022:6735)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6735 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

RHEL 7 : java-1.8.0-ibm (RHSA-2022:6756)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6756 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

Security Bulletin: IBM Security SOAR is using a component with multiple known vulnerabilities - IBM JDK 8.0.7.6

Summary IBM® Security SOAR includes an older version of IBM JDK that may be identified and exploited. An update has been released which addresses these issues. The version of IBM JDK included in the latest version of SOAR App Host and IBM Security Soar is 8.0.7.10. Vulnerability Details...

Security Bulletin: Multiple vulnerabilities in Java SE that could allow an unauthenticated attacker to obtain sensitive information affect IBM® Db2®. (CVE-2021-35603, CVE-2021-35550, CVE-2021-2341)

Summary Multiple vulnerabilites in Java SE that could allow an unauthenticated attacker to obtain sensitive information. Vulnerability Details CVEID: CVE-2021-35550 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain...

Security Bulletin: IBM Security SOAR is using a component with multiple known vulnerabilities - IBM JDK 8.0.7.0

Summary IBM Security SOAR includes an older version of IBM JDK that may be identified and exploited. An update has been released which addresses these issues. The version of IBM JDK included in the latest version of SOAR App Host and IBM ® Security Soar is 8.0.7.5. Vulnerability Details CVEID:...

RHEL 7 : java-1.7.1-ibm (RHSA-2022:0310)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0310 advisory. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IB...

RHEL 7 : java-1.8.0-ibm (RHSA-2021:5030)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:5030 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server October 2021 CPU

Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These might affect some configurations of IBM WebSphere Application Server Traditional, IBM WebSphere Application Server Liberty and IBM WebSphere Applicatio...