Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Content Manager Enterprise Edition 8.5.0 (CVE-2016-3449, CVE-2016-0264)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 that is used by Content Manager Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details If you run your own Java code using the IBM Java Runtime...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Content Manager Enterprise Edition (CVE-2014-3566, CVE-2014-6457, CVE-2014-6468)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 5 and 7 that is used by Content Manager Enterprise Edition. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These were...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Content Manager Enterprise Edition ((CVE-2015-0410, CVE-2014-6593, CVE-2015-0383, CVE-2015-0138))

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 5 and 7, that is used by Content Manager Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in January 2015. This bulletin also addresses the “FREAK: Factorin...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Content Manager Enterprise Edition

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7 & 8 used by Content Manager Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in Oct 2017. Vulnerability Details If you run your own Java code using the IBM Java Runtime...

Security Bulletin: Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server

Summary IBM Db2 is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM Db2 have been published in a security bulletin CVE-2023-22081, CVE-2023-5676 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected...

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus are vulnerable to multiple vulnerabilities in IBM Java Runtime (CVE-2023-22081, CVE-2023-22067, CVE-2023-5676)

Summary There are multiple vulnerabilities in IBM SDK, Java Technology Edition used by IBM App Connect Enterprise and IBM Integration Bus. These issues were disclosed as part of the IBM SDK, Java Technology Edition Quarterly CPU - Oct 2023. This bulletin identifies the steps to take to address th...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM® Db2®. (Oct 2023 CPU)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7.1.5.19 and earlier, 8.0.8.11 and earlier used by IBM® Db2®. These issues were disclosed as part of the IBM Java SDK updates in October 2023. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecifie...

Important: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: java-17-openjdk security and bug fix update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this...

Security Bulletin: Vulnerabilities in IBM Java Runtime affect z/Transaction Processing Facility

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 that is used by the z/TPF system. z/TPF has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-22049 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component coul...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 8, which is used by the desktop version of IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow. IBM Process Designer has addressed the applicable CVEs. Vulnerability Details...

Security Bulletin: A vulnerability in IBM Java SDK and IBM Java Runtime affects IBM® Db2® (CVE-2022-40609)

Summary There was a vulnerability in IBM® Runtime Environment Java™ Version 7.1.5.18 and earlier, 8.0.8.4 and earlier used by IBM® Db2®. Vulnerability Details CVEID:CVE-2022-40609 DESCRIPTION: IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM® Db2®. (Apr 2023 CPU)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7.1.5.17 and earlier, 8.0.8.4 and earlier used by IBM® Db2®. These issues were disclosed as part of the IBM Java SDK updates in April 2023. Vulnerability Details CVEID: CVE-2023-21930 DESCRIPTION: An unspecified...

CLSA-2023-1700593371 Fix CVE(s): CVE-2023-22045, CVE-2023-22049

Backport upstream releases 8u382 to 16.04 LTS CVEs fixed in 8u382: - CVE-2023-22045: OpenJDK incorrectly handled array accesses. - CVE-2023-22049: OpenJDK incorrectly sanitized URIs strings...

OESA-2023-1814 openjdk-latest security update

The OpenJDK runtime environment. Security Fixes: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u381-perf, 17.0.8, 21; Oracle GraalVM for JDK:...

Security Bulletin: A vulnerability in IBM Java SDK and IBM Java Runtime affects IBM® Db2® (CVE-2023-30441)

Summary IBM® Runtime Environment Java™ Version 8.0.7.0 through 8.0.7.11 used by IBM® Db2® is vulnerable to information disclosure. The fix for this issue was already published in an earlier bulletin. If you have already applied the appropriate Db2 special build or Java version 8.0.8.6 or higher...

Debian: Security Advisory (DLA-3636-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: A vulnerability in IBM Java SDK and IBM Java Runtime affect Rational Business Developer.

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 8 and IBM® Runtime Environment Java™ Version 8 used by Rational Business Developer. Rational Business Developer has provided a fix for the applicable CVE. This issue was disclosed as part of the IBM Java SDK and Runtim...

RLSA-2023:5742 Moderate: java-11-openjdk security and bug fix update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: certificate path validation issue during client authentication 8309966 CVE-2023-22081 For more details about the security issues, including the...

Security Bulletin: Vulnerabilities in IBM Java Runtime affecting Tivoli Netcool/OMNIbus (Multiple CVEs)

Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by Tivoli Netcool/OMNIbus. These were disclosed as part of the IBM Java SDK updates in April 2023. Affected platforms are AIX, Linux, Linux on zSystems, and Windows. Vulnerability Detail...