openSUSE 15 Security Update : xstream (openSUSE-SU-2021:1401-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1401-1 advisory. - XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attack...

Oracle Linux 7 : xstream (ELSA-2021-3956)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-3956 advisory. - Resolves: CVE-2021-39148 - Resolves: CVE-2021-39139 - Resolves: CVE-2021-39140 - Resolves: CVE-2021-39141 - Resolves: CVE-2021-39144 - Resolves:...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Installation Manager and IBM Packaging Utility

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 used by IBM Installation Manager and IBM Packaging Utility. These issues were disclosed as part of the IBM Java SDK updates in July 2017. Vulnerability Details CVEID: CVE-2017-10116 DESCRIPTION: An unspecified...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Installation Manager and IBM Packaging Utility

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 6 and 7 used by IBM Installation Manager and IBM Packaging Utility. These issues were disclosed as part of the IBM Java SDK updates in January 2017. Vulnerability Details CVEID: CVE-2016-5547 DESCRIPTION: An...

Security Bulletin: A vulnerability in IBM Java Runtime affects IBM Installation Manager and IBM Packaging Utility (CVE-2016-5597)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Versions 6 and 7 used by IBM Installation Manager and IBM Packaging Utility. These issues were disclosed as part of the IBM Java SDK updates in October 2016. Vulnerability Details CVEID: CVE-2016-5597 DESCRIPTION: An unspecified...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect the IBM Installation Manager and IBM Packaging Utility (CVE-2014-6593 and CVE-2015-0138)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 6 and 7 that are used by IBM Installation Manager and IBM Packaging Utility. These issues were disclosed as part of the IBM Java SDK updates in January 2015. This bulletin also addresses the...

OpenJDK: Weak ciphers preferred over stronger ones for TLS (JSSE, 8264210)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated...

openSUSE 15 Security Update : xstream (openSUSE-SU-2021:3476-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3476-1 advisory. - XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attack...

RLSA-2021:3891 Important: java-11-openjdk security update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: Loop in HttpsServer triggered during TLS session close JSSE, 8254967 CVE-2021-35565 OpenJDK: Incorrect principal selection when using Kerberos...

PT-2021-7894

Name of the Vulnerable Software and Affected Versions Java SE versions 8u301, 11.0.12, 17 Oracle GraalVM Enterprise Edition versions 20.3.3 and 21.2.0 Description The issue is related to the JSSE component and allows an unauthenticated attacker with network access via TLS to compromise Java SE an...

Security Bulletin: A vulnerabbility exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Manager CVE-2021-2388, CVE-2021-2369, CVE-2021-2432, CVE-2021-2341.

Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition v3.9, v4.1 and v4.2 which was disclosed in the Oracle July 2021 Critical Patch Update. Vulnerability Details Refer to the security bulletins listed in the...

Security Bulletin: A Vulnerability in IBM Java Runtime Affects IBM Sterling Connect:Direct for UNIX

Summary There is a vulnerability in IBM® Runtime Environment Java™ Versions 8.0.6.15, 8.0.6.0, 8.0.5.40, 8.0.5.30, 8.0.5.35, 7.0.10.70, and 7.0.10.40, used by IBM Sterling Connect:Direct for UNIX on AIX, Linux, Solaris, and HP-UX platforms. IBM Sterling Connect:Direct for UNIX has addressed the...

Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime affect IBM Cognos Command Center

Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by IBM Cognos Command Center. These issues were disclosed as part of the IBM Java SDK update for July 2021 and April 2021 as well as CVE-2020-14782 defered from October 2020 IBM Java SDK...

Debian DLA-2769-1 : libxstream-java - LTS security update

The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-2769 advisory. - XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute...

Security Bulletin: Vulnerabilities in IBM Java Runtime and libxml2 affecting Tivoli Netcool/OMNIbus (Multiple CVEs)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition Version 8, as well as a vulnerability in GNOME libxml2 version 2.7.8. Both components are used by Tivoli Netcool/OMNIbus. The JRE vulnerability was disclosed as part of the IBM Java SDK updates in April 2021. Th...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Functional Tester. Rational Functional Tester has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-2341 DESCRIPTION: An...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM MessageGateway

Summary There are multiple vulnerabilities in IBM Runtime Environment Java Version 8.0 used by IBM MessageGateway. Vulnerability Details CVEID: CVE-2021-2388 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to take control of...

Security Bulletin: A vulnerability in IBM Java Runtime affects TXSeries for Multiplatforms

Summary IBM TXSeries for Multiplatforms has addressed the following vulnerability reported by IBM® Runtime Environment Java™ Vulnerability Details CVEID: CVE-2021-2161 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker t...

Security Bulletin: Vulnerabilities in IBM Java Runtime affect IBM Integration Bus and IBM App Connect Enterpise v11, V12 (CVE-2021-2161)

Summary Vulnerabilities in IBM® SDK Java™ Technology Edition, used by IBM Integration Bus & IBM App Connect Enterprise v11, V12. These issues were disclosed as part of the IBM Java SDK updates in April 2021 Vulnerability Details CVEID: CVE-2021-2161 DESCRIPTION: An unspecified vulnerability in Ja...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Directory Server (Tivoli) & Rational Directory Administrator

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 and Version 8 used by Rational Directory Server Tivoli and Rational Directory Administrator. These issues were disclosed as part of the IBM Java SDK updates in July 2021. Upgrade the JRE in order to resolve the...