Security Bulletin: A vulnerability in IBM Java Runtime affects IBM Installation Manager and IBM Packaging Utility

Summary There is a vulnerability in IBM® Runtime Environment Java™ Versions 8 used by IBM Installation Manager and IBM Packaging Utility. The IBM Installation Manager and IBM Packaging Utility have addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-14782 DESCRIPTION: An unspecifi...

Security Bulletin: IBM DataQuant is vulnerable to CVE-2020-14781

Summary CVE-2020-14781 is an unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. Vulnerability Details CVEID: CVE-2020-14781 DESCRIPTION: ...

Security Bulletin: Db2 Query Management Facility is vulnerable to CVE-2020-14781 (deferred from Oracle Oct 2020 CPU for Java 8)

Summary Db2 Query Management Facility is vulnerable to CVE-2020-14781 deferred from Oracle Oct 2020 CPU for Java 8 Vulnerability Details CVEID: CVE-2020-14781 DESCRIPTION: An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to obtain...

Security Bulletin: IBM DataQuant is vulnerable to CVE-2020-14803

Summary CVE-2020-14803 is an unspecified vulnerability in Java SE could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. Vulnerability Details CVEID: CVE-2020-14803 DESCRIPTION: An unspecified vulnerability i...

Security Bulletin: Db2 Query Management Facility is vulnerable to IBM SDK, Java Technology Edition Quarterly CPU - Jan 2021 - Includes Oracle Jan 2021 CPU plus CVE-2020-27221

Summary Db2 Query Management Facility is vulnerable to IBM SDK, Java Technology Edition Quarterly CPU - Jan 2021 - Includes Oracle Jan 2021 CPU CVE-2020-14803 plus CVE-2020-27221 Vulnerability Details CVEID: CVE-2020-14803 DESCRIPTION: An unspecified vulnerability in Java SE could allow an...

Security Bulletin: IBM DataQuant is vulnerable to CVE-2020-14782

Summary IBM DataQuant is vulnerable to CVE-2020-14782, an unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. Vulnerability Details CVEID: CVE-2020-147...

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition, that is used by IBM Workload Scheduler.

Summary Java SE issues disclosed in the Oracle July 2020 Critical Patch Vulnerability Details CVEID: CVE-2020-2754 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Scripting component could allow an unauthenticated attacker to cause a denial of service resulting in a lo...

Security Bulletin: Multiple vulnerabilities in OpenJDK version 8 affect IBM InfoSphere Information Server

Summary There are multiple vulnerabilities in OpenJDK version 8 that is used by IBM InfoSphere Information Server. Some of these vulnerabilities only affect versions 11.7.1.0 and earlier; others also affect versions 11.7.1.1 and 11.7.1.2. Vulnerability Details CVEID: CVE-2019-2987 DESCRIPTION: An...

Security Bulletin: Multiple vulnerabilities in OpenJDK version 11 affect IBM InfoSphere Information Server

Summary Multiple vulnerabilities in OpenJDK version 11 that is used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID: CVE-2019-2964 DESCRIPTION: An unspecified vulnerability in Java SE related to the Concurrency component could allow an unauthenticated attacker to...

Security Bulletin: Security vulnerabilities in Java SE affects Rational Build Forge

Summary Java SE that is used by IBM Rational Build Forge has a security vulnerabilities. IBM Rational Build Forge has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-2773 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Security component could allo...

Security Bulletin: Security vulnerabilities in Java SE affects Rational Build Forge

Summary Java SE that is used by IBM Rational Build Forge has a security vulnerabilities. IBM Rational Build Forge has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-14781 DESCRIPTION: An unspecified vulnerability in Java SE related to the JNDI component could allow an...

Security Bulletin: Vulnerabilities in IBM Java SDK affecting IBM Application Discovery and Delivery Intelligence V5.1.0.8 and V5.1.0.9

Summary Multiple vulnerabilities are identified in IBM® SDK Java™ Technology Edition Version 1.8 that is used by IBM Application Discovery and Delivery Intelligence V5.1.0.8 and V5.1.0.9 respectively. These issues were disclosed as part of the IBM Java SDK updates in October 2020. Vulnerability...

Security Bulletin: Lift

Summary New Lift version should be downloaded from Lift website https://www.lift-cli.cloud.ibm.com/ Vulnerability Details CVEID: CVE-2020-14803 DESCRIPTION: An unspecified vulnerability in Java SE could allow an unauthenticated attacker to obtain sensitive information resulting in a low...

Security Bulletin: A vulnerability in IBM Java SE affects IBM Elastic Storage System

Summary There is a vulnerability in IBM SDK Java Technology Edition, used by IBM Elastic Storage System. This issue was disclosed as part of the IBM Java SDK updates in Oct 2020. Vulnerability Details CVEID: CVE-2020-14782 DESCRIPTION: An unspecified vulnerability in Java SE related to the...

Security Bulletin: Rational Application Developer is vulnerable to CVE-2020-2773

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition 8 used by Rational Application Developer®. These issues were disclosed as part of the IBM Java SDK updates in April 2020. Vulnerability Details CVEID: CVE-2020-2773 DESCRIPTION: An unspecified vulnerability in Java SE related t...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager Apr 2020 CPU (CVE-2020-2773)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition used by IBM Tivoli System Automation Application Manager. These issues were disclosed as part of the IBM Java SDK updates in Apr 2020. Vulnerability Details CVEID: CVE-2020-2773 DESCRIPTION: An unspecified vulnerability...

Security Bulletin: IBM Security Privileged Identity Manager is affected by a denial of service vulnerability (CVE-2020-2781)

Summary IBM Security Privileged Identity Manager has addressed an issue for IBM SDK, Java Technology Edition, which is used in Privileged Identity Manager. Vulnerability Details CVEID: CVE-2020-2781 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE JSSE component could...

Security Bulletin: IBM API Connect is impacted by multiple vulnerabilities in Java SE.

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2020-14779 DESCRIPTION: An unspecified vulnerability in Java SE related to the Serialization component could allow an unauthenticated attacker to cause a denial of service resulting in a low...

OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

Security Bulletin: IBM Cognos Command Center has addressed multiple vulnerabilities (Q12021)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by IBM Cognos Command Center. This issue was disclosed as part of the IBM Java SDK updates in October 2020. IBM Command Center 10.2.4 FP1 IF14 has addressed the applicable CVE. Additionally , a vulnerability in jQue...