Security Bulletin: Financial Transaction Manager for Digital Payments is impacted by multiple vulnerabilities in IBM Java SE

Summary Multiple vulnerabilities were addressed in Financial Transaction Manager 3.2.13 for Digital Payments, Corporate Payment Services and High Value Payments. Vulnerability Details CVEID:CVE-2024-21147 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow...

Security Bulletin: Security Vulnerabilities fixed in IBM Security Directory Integrator

Summary Several CVEs were fixed in the IBM Java SE that is bundled with IBM Security Directory Integrator. Vulnerability Details CVEID:CVE-2024-21147 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause high confidentiality, high...

K000148599: Java vulnerability CVE-2024-21211

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Compiler. Supported versions that are affected are Oracle Java SE: 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM...

OESA-2024-2392 openjdk-1.8.0 security update

The OpenJDK runtime environment 8. Security Fixes: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4,...

IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7175229)

The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.6. It is, therefore, affected by multiple vulnerabilities as referenced in the 7175229 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of...

Security Bulletin: Security vulnerabilities may affect IBM Java shipped with IBM CICS TX Advanced.

Summary Security vulnerabilities may affect IBM Java shipped with IBM CICS TX Advanced. Updates to IBM CICS TX Advanced have been released to address these vulnerabilities. Vulnerability Details CVEID:CVE-2024-21145 DESCRIPTION: An unspecified vulnerability in Java SE related to the 2D component...

Security Bulletin: IBM Sterling Connect:Direct Web Services is affected by multiple IBM JRE vulnerabilites

Summary IBM Sterling Connect:Direct Web Services uses IBM java. An unspecified vulnerability in Java SE related to the 2D component could allow a remote attacker to cause low confidentiality, low integrity impacts. Vulnerability Details CVEID:CVE-2024-21145 DESCRIPTION: An unspecified vulnerabili...

K000148476: Oracle Java SE vulnerabilities CVE-2024-21217 and CVE-2024-21235

Security Advisory Description CVE-2024-21217 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23;...

RHEL 8 : java-1.8.0-ibm (RHSA-2024:1481)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1481 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

RHEL 8 : java-1.8.0-ibm (RHSA-2024:6595)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:6595 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to...

RHEL 7 : java-1.8.0-ibm (RHSA-2024:1482)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1482 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

Security Bulletin: IBM Sterling Control Center is vulnerable to IBM Semeru Runtime Quarterly CPU - Apr 2024 - Includes OpenJDK Apr 2024 CPU

Summary IBM Semeru Runtime Quarterly CPU - Apr 2024 is affecting Sterling Control Center v6.2.1 and v6.3.1. Vulnerability Details CVEID:CVE-2024-21085 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause low availability impacts...

Security Bulletin: IBM Sterling Control Center is vulnerable to IBM Semeru Runtime Quarterly CPU - Jul 2024 - Includes OpenJDK July 2024 CPU

Summary IBM Semeru Runtime Quarterly CPU - Jul 2024 is affecting Sterling Control Center v6.2.1 and v6.3.1. Vulnerability Details CVEID:CVE-2024-21145 DESCRIPTION: An unspecified vulnerability in Java SE related to the 2D component could allow a remote attacker to cause low confidentiality, low...

Azul Zulu Java Multiple Vulnerabilities (2023-10-17). (CVE-2023-22025, CVE-2023-22067, CVE-2023-22081)

The version of Azul Zulu installed on the remote host is prior to 6 6.59.0.14 / 7 7.65.0.14 / 8 8.73.0.12 / 11 11.67.16 / 17 17.45.16 / 21 21.30.16. It is, therefore, affected by multiple vulnerabilities as referenced in the 2023-10-17 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM...

Medium: java-17-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12...

Medium: java-17-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12...

Medium: java-11-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12...

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2024-2684)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.25+9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2684 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product...

Security Bulletin: IBM MQ Explorer is affected by a vulnerability in the IBM Semeru Runtime (CVE-2024-21085)

Summary An issue was identified with IBM Semeru Runtime, Version 17, which is used in IBM MQ Explorer. Vulnerability Details CVEID:CVE-2024-21085 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause low availability impacts. CVSS...

Medium: java-1.8.0-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12...