OpenJDK 7 <= 7u251 / 8 <= 8u242 / 11.0.0 <= 11.0.6 / 13.0.0 <= 13.0.2 / 14.0.0 <= 14.0.0 Multiple Vulnerabilities (2020-04-14)

The version of OpenJDK installed on the remote host is prior to 7 = 7u251 / 8 = 8u242 / 11.0.0 = 11.0.6 / 13.0.0 = 13.0.2 / 14.0.0 = 14.0.0. It is, therefore, affected by multiple vulnerabilities as referenced in the 2020-04-14 advisory. Please Note: Java CVEs do not always include OpenJDK...

OpenJDK 7 <= 7u211 / 8 <= 8u202 / 11.0.0 <= 11.0.2 / 12.0.0 <= 12.0.0 Multiple Vulnerabilities (2019-04-16)

The version of OpenJDK installed on the remote host is prior to 7 = 7u211 / 8 = 8u202 / 11.0.0 = 11.0.2 / 12.0.0 = 12.0.0. It is, therefore, affected by multiple vulnerabilities as referenced in the 2019-04-16 advisory. Please Note: Java CVEs do not always include OpenJDK versions, but are...

Security Bulletin: Multiple vulnerabilities in the IBM Java Runtime affect IBM Rational ClearCase (CVE-2020-27221, CVE-2020-14782, CVE-2020-2773, CVE-2020-14781)

Summary There are vulnerabilities in the IBM® Runtime Environment Java™ Versions 7 and 8, which is used by IBM Rational ClearCase. These issues were disclosed as part of the IBM SDK, Java Technology Edition Quarterly CPU - Jan 2021 - Includes Oracle Jan 2021 CPU plus CVE-2020-27221, CVE-2020-1478...

EulerOS 2.0 SP8 : java-1.8.0-openjdk (EulerOS-SA-2021-1982)

According to the versions of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Performance Tester

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Performance Tester. Rational Performance Tester has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-14781 DESCRIPTION: ...

SUSE SLES15 Security Update : java-1_8_0-openjdk (SUSE-SU-2021:1989-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:1989-1 advisory. - Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supporte...

Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities - Java SE (CVE-2020-14781)

Summary IBM Resilient SOAR is Using Components with Known Vulnerabilities - Java SE CVE-2020-14781 Vulnerability Details CVEID: CVE-2020-14781 DESCRIPTION: An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to obtain sensitive information...

Security Bulletin: Vulnerability in IBM Java SDK affecting IBM Application Discovery and Delivery Intelligence V5.1.0.8, V5.1.0.9 and V6.0.0.0

Summary Vulnerability was identified in IBM® SDK Java™ Technology Edition Version 1.8 that is used by IBM Application Discovery and Delivery Intelligence V5.1.0.8, V5.1.0.9 and V6.0.0.0 respectively. This issue was disclosed in the Oracle April 2021 Critical Patch Update. Vulnerability Details...

SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2019:14160-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:14160-1 advisory. - AIX builds of Eclipse OpenJ9 before 0.15.0 contain unused RPATHs which may facilitate code injection and privilege elevation by local users...

SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2020:14263-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14263-1 advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java...

SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2020:14398-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14398-1 advisory. - Vulnerability in the Java SE product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u241, 8u231,...

Security Bulletin: IBM DataPower Gateway affected by multiple vulnerabilities in Java Runtime

Summary IBM has addressed the following CVEs: CVE-2020-2593, CVE-2020-2583 Vulnerability Details CVEID: CVE-2020-2593 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Networking component could allow an unauthenticated attacker to cause low confidentiality impact, low...

Security Bulletin: IBM DataPower Gateway Java security update

Summary IBM has addressed the following JRE CVEs: CVE-2020-14621, CVE-2020-14579, CVE-2020-14578, CVE-2020-14577, CVE-2020-2757, CVE-2020-2756, CVE-2020-2755, CVE-2020-2754 Vulnerability Details CVEID: CVE-2020-14621 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP compone...

Security Bulletin: Multiple vulnerabilities may affect JRE in IBM DataPower Gateway

Summary IBM has addressed the relevant CVEs Vulnerability Details CVEID: CVE-2020-14779 DESCRIPTION: An unspecified vulnerability in Java SE related to the Serialization component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using...

Security Bulletin: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker

Summary An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. Vulnerability Details CVEID: CVE-2020-14782 DESCRIPTION: An unspecified vulnerability in...

Security Bulletin: IBM MQ Appliance is affected by a Java SE vulnerability (CVE-2020-27221)

Summary IBM MQ Appliance has resolved a Java SE vulnerability. Vulnerability Details CVEID: CVE-2020-27221 DESCRIPTION: Eclipse OpenJ9 is vulnerable to a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8 characters to platform encoding. By sending an...

CVE-2018-2641

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...

Security Bulletin: Vulnerabilities in IBM Java SE affect IBM InfoSphere Identity Insight (CVE-2020-14782)

Summary In the Java used in IBM InfoSphere Identity Insight 9.0 and 9.1, an unspecified vulnerability related to the Libraries component could allow an unauthenticated attacker to cause low integrity impact. This vulnerability has no confidentiality impact or availability impact. Vulnerability...

Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities - Java SE (CVE-2020-14782)

Summary IBM Resilient SOAR is Using Components with Known Vulnerabilities - Java SE CVE-2020-14782 Vulnerability Details CVEID: CVE-2020-14782 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentialit...

Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities - Java SE (CVE-2020-14803, CVE-2020-27221)

Summary IBM Resilient SOAR is Using Components with Known Vulnerabilities - Java SE CVE-2020-14803, CVE-2020-27221 Vulnerability Details CVEID: CVE-2020-14803 DESCRIPTION: An unspecified vulnerability in Java SE could allow an unauthenticated attacker to obtain sensitive information resulting in ...