Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Apr 2025- Includes Oracle Apr 2025 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that are used by Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities a...

Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affect IBM Storage Server (CVE-2025-1470, CVE-2025-1471).

Summary IBM Storage Protect Server is affected by multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8. These vulnerabilities could potentially affect OpenJ9 internal ASCII to EBCDIC string wrapper on z/OS. Vulnerability Details CVEID:CVE-2025-1470 DESCRIPTION: In Eclipse...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Apr 2025- Includes Oracle Apr 2025 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that are used by Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities a...

Security Bulletin: Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition

Summary This bulletin for IBM SDK, Java Technology Edition covers all applicable Java SE CVEs published by Oracle as part of their April 2025 Critical Patch Update, plus CVE-2025-4447. For more information please refer to Oracle's April 2025 CPU Advisory and the CVE links referenced below...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2024 - Includes Oracle Oct 2024 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that are used by Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities a...

Security Bulletin: Multiple vulnerabilities exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager.

Summary Multiple vulnerabilitis exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager ITNCM IP Edition v6.4.2. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...

Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affect IBM Storage Protect Operations Center (CVE-2024-21094, CVE-2024-21085, CVE-2024-21011, CVE-2023-38264).

Summary IBM Storage Protect Operations Center may be impacted by multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8, potentially leading to a loss of availability and integrity of the host system. Vulnerability Details CVEID:CVE-2024-21094 DESCRIPTION: An unspecified...

Security Bulletin: A vulnerability exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager (CVE-2024-21147, CVE-2024-21145, CVE-2024-21140, CVE-2024-21144, CVE-2024-21138, CVE-2024-21131, CVE-2024-27267).

Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager ITNCM IP Edition v6.4.2. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected...

Security Bulletin: Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition

Summary This bulletin for IBM SDK, Java Technology Edition covers all applicable Java SE CVEs published by Oracle as part of their October 2024 Critical Patch Update, plus CVE-2024-10917. For more information please refer to Oracle's October 2024 CPU Advisory and the X-Force database entries...

Security Bulletin: IBM Sterling Control Center v6.2.x and v6.3.x are vulnerable due to IBM SDK Java Technology Edition vulnerability

Summary IBM SDK, Java Technology Edition Quarterly CPU - Oct 2023 - Includes Oracle October 2023 CPU plus CVE-2023-5676, CVE-2023-22081, CVE-2023-22067 affecting Sterling Control Center v6.2.x and v6.3.x. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java...

Security Bulletin: A vulnerability exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager.

Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2rBuffer overflow in GC when using the -Xgc:concurrentScavenge option on IBM Z. Vulnerability Details Refer to the security bulletins listed in...

Security Bulletin: Vulnerabilities in IBM Java included with IBM Tivoli Monitoring.

Summary Vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring ITM components. CVEs: CVE-2024-21147, CVE-2024-21145, CVE-2024-21140, CVE-2024-21144, CVE-2024-21138, CVE-2024-21131 and CVE-2024-27267 Vulnerability Details CVEID:CVE-2024-21147...

Security Bulletin: An unspecified IBM SDK, Java Technology Edition vulnerability affects InfoSphere Data Replication

Summary An unspecified IBM SDK, Java Technology Edition vulnerability is addressed. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow a remote attacker to cause no confidentiality impact, no integrity impact,...

Security Bulletin: IBM Sterling Transformation Extender is vulnerable to multiple issues due to IBM Java

Summary IBM Sterling Transformation Extender uses IBM SDK, Java Technology. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-21094 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote...

Security Bulletin: IBM Security Guardium is affected by an IBM SDK, Java Technology Edition Quarterly CPU - Oct 2023 vulnerability (CVE-2023-22081, CVE-2023-22067, CVE-2023-5676)

Summary IBM Security Guardium has addressed these vulnerabilities with updates. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow a remote attacker to cause no confidentiality impact, no integrity impact, and...

Security Bulletin: Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition

Summary This bulletin for IBM SDK, Java Technology Edition covers all applicable Java SE CVEs published by Oracle as part of their April 2024 Critical Patch Update, plus CVE-2023-38264. For more information please refer to Oracle's April 2024 CPU Advisory and the X-Force database entries referenc...

Security Bulletin: There are multiple vulnerabilities in the IBM SDK, Java Technology Edition that is shipped with IBM TXSeries for Multiplatforms (CVE-2023-22081, CVE-2023-22067, CVE-2023-5676, CVE-2023-22045 and CVE-2023-22049).

Summary There are multiple vulnerabilities in the IBM SDK, Java Technology Edition that is shipped with IBM TXSeries for Multiplatforms CVE-2023-22081, CVE-2023-22067, CVE-2023-5676, CVE-2023-22045 and CVE-2023-22049. An update to IBM TXSeries for Multiplatforms has been released to address these...

Security Bulletin: There are multiple vulnerabilities in the IBM SDK, Java Technology Edition that is shipped with IBM CICS TX Standard (CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945, CVE-2023-33850).

Summary There are multiple vulnerabilities in the IBM SDK, Java Technology Edition that is shipped with IBM CICS TX Standard CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945, CVE-2023-33850. An update to IBM CICS TX Standard has been released to addre...

Security Bulletin: IBM SDK, Java Technology Edition, Security Update February 2024

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 8 that is used by Rational Application Developer®. These issues were disclosed as part of the IBM Java SDK updates up to February 2024. IBM 8 SR8 FP20 1.8.0401. Vulnerability Details CVEID:CVE-2023-22067 DESCRIPTION:...

Security Bulletin: There are multiple vulnerabilities in IBM SDK, Java Technology Edition that is shipped with CICS Transaction Gateway Desktop Edition (CVE-2023-22045 and CVE-2023-22049).

Summary There are multiple vulnerabilities in IBM SDK, Java Technology Edition that is shipped with CICS Transaction Gateway Desktop Edition CVE-2023-22045 and CVE-2023-22049. An update to CICS Transaction Gateway Desktop Edition has been released to address these vulnerabilities. Vulnerability...