Amazon Linux 2 : java-1.8.0-openjdk (ALAS-2020-1491)

The version of java-1.8.0-openjdk installed on the remote host is prior to 1.8.0.265.b01-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1491 advisory. Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supporte...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Apr 2020 - Includes Oracle Apr 2020 CPU minus CVE-2020-2773 affects IBM MQ

Summary There are multiple vulnerabilities in IBM Runtime Environment Java Version 7 and 8 used by IBM MQ. IBM MQ have addressed the applicable CVEs. These issues were disclosed as part of the IBM Java SDK updates in April 2020. Vulnerability Details CVEID: CVE-2020-2781 DESCRIPTION: An unspecifi...

Security Bulletin: An unspecified vulnerability in Java SE or Oracle Java SE could allow an unauthenticated attacker

Summary An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause low confidentiality impact, low integrity impact, and no availability impact. An unspecified vulnerability in Java SE related to the 2D component could allow an...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM InfoSphere Identity Insight (CVE-2020-2754, CVE-2020-2755)

Summary An unspecified vulnerability in Java SE related to the Java SE Scripting component used by IBM InfoSphere Identity Insight could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. Vulnerability Details Refer ...

Security Bulletin: Vulnerability in Java SE libraries could allow unauthenticated attacker to cause denial of service

Summary An unspecified vulnerability in Java SE related to the Java SE Libraries component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. Vulnerability Details Refer to the security bulletins listed in the...

Security Bulletin: Vulnerabilities in IBM Java SDK affecting IBM Application Discovery and Delivery Intelligence V5.1.0.7 and V5.1.0.8

Summary Multiple vulnerabilities are identified in IBM® SDK Java™ Technology Edition Version 1.8 that is used by IBM Application Discovery and Delivery Intelligence V5.1.0.7 and V5.1.0.8 respectively. These issues were disclosed as part of the IBM Java SDK updates in July 2020. Vulnerability...

Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2020-2352)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : java-1.8.0-openjdk (EulerOS-SA-2020-2352)

According to the versions of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected...

Security Bulletin: Multiple vulnerabilities affect IBM Planning Analytics

Summary This Security Bulletin addresses multiple vulnerabilities that have been remediated in IBM Planning Analytics Local 2.0.9.3 and IBM Planning Analytics Workspace Release 58. There are multiple vulnerabilities in IBM® Runtime Environment Java™ used by IBM Planning Analytics and IBM Planning...

EulerOS 2.0 SP5 : java-1.8.0-openjdk (EulerOS-SA-2020-2249)

According to the versions of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM® Java SDK that affect IBM Security Directory Suite - January 2020 CPU

Summary There are vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped with IBM Security Directory Suite. The issues were disclosed as part of the IBM Java SDK updates in January 2020 and it includes the vulnerabilities details. Vulnerability Details CVEID: CVE-2020-2604...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 used by Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections. Vulnerability Details CVEID: CVE-2020-14621...

Security Bulletin: IBM Security QRadar Packet Capture is vulnerable to Using Components with Known Vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2020-2583 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Serialization component could allow an...

Oracle Linux 6 : java-1.8.0-openjdk (ELSA-2020-4348)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4348 advisory. 1:1.8.0.272.b10-0 - Remove the 64-bit siphash test which fails to compile on x86-32 debug builds with gcc 4.4.7 in RHEL 6 - Resolves: rhbz1876665...

Security Bulletin: Security vulnerabilities in Java SE affects Rational Build Forge

Summary Java SE that is used by IBM Rational Build Forge has a security vulnerabilities. IBM Rational Build Forge has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-14583 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an...

Security Bulletin: Security vulnerability in Java SE affects Rational Build Forge (CVE-2020-2601)

Summary Java SE that is used by IBM Rational Build Forge has a security vulnerability. IBM Rational Build Forge has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-2601 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded Securit...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager Jul 2020 (CVE-2020-2601)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 7 used by IBM Tivoli System Automation Application Manager 4.1.0.0, 4.1.0.1 and IBM SDK Java Technology Edition, Version 8 used by IBM Tivoli System Automation Application Manager 4.1.0.2, 4.1.0.3. These issues...

OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2020-4350)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4350 advisory. 1:1.8.0.272.b10-1 - Add backport of JDK-8215727: 'Restore JFR thread sampler loop to old / previous behaviour' - Resolves: rhbz1876665 1:1.8.0.272.b10-...