Security Bulletin: Vulnerability in IBM Java Runtime affects Watson Explorer and Watson Explorer Content Analytics Studio (CVE-2021-35578)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by Watson Explorer and Watson Explorer Content Analytics Studio. Watson Explorer and Watson Explorer Content Analytics Studio have addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-35578 DESCRIPTIO...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Functional Tester. Rational Functional Tester has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-35603 DESCRIPTION: An...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect SPSS Collaboration and Deployment Services

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 and 8 used by SPSS Collaboration and Deployment Services. These issues were disclosed as part of the IBM Java SDK updates. Vulnerability Details CVEID: CVE-2021-35550 DESCRIPTION: An unspecified vulnerability i...

Security Bulletin: Vulnerabilities in IBM Java Runtime and Golang Go affect IBM Spectrum Protect Server (CVE-2021-35578, CVE-2021-44716, CVE-2021-44717)

Summary The IBM Spectrum Protect Server might be affected by vulnerabilties in IBM® Runtime Environment Java™ and Golang Go such as denial of service and bypassing security restrictions. The Java vulnerability was disclosed as part of the IBM Java SDK updates in October 2021. UPDATED: March 14,...

Security Bulletin: Vulnerability in IBM Java SDK and IBM Java Runtime affects Rational Business Developer

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 7 and IBM® Runtime Environment Java™ Version 7 used by Rational Business Developer. Rational Business Developer has provided a fix for the applicable CVE. This issue was disclosed as part of the IBM Java SDK and Runtim...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Business Developer

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 and 8 and IBM® Runtime Environment Java™ Version 7 and 8 used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of t...

java-11-openjdk bug fix and enhancement update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Bug Fixes: The previous OpenJDK 11 release, 11.0.14, was found to contain a regression introduced by improvements to the HTTP client. It caused both the :authority' and...

Security Bulletin: Vulnerabilities in IBM Java Runtime and IBM WebSphere Application Server Liberty affect IBM Operations Center and Client Management Service (CVE-2021-35578, CVE-2021-35517, CVE-2021-36090)

Summary A denial of service vulnerability in IBM® Runtime Environment Java, disclosed as part of the IBM Java SDK updates in October 2021, can affect IBM Spectrum Protect Operations Center and IBM Spectrum Protect Client Management Service. Denial of service vulnerabilities in Apache Commons...

Security Bulletin: Vulnerability in IBM Java Runtime affects Watson Explorer Content Analytics Studio ( CVE-2021-2341)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by Watson Explorer Content Analytics Studio. Watson Explorer Content Analytics Studio has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2021-2341 DESCRIPTION: An unspecified vulnerability in Java SE...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Security QRadar SOAR ( CVE-2021-35560, CVE-2021-35578, CVE-2021-35564, CVE-2021-35565, CVE-2021-35588)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 and IBM® Runtime Environment Java™ Version 8 used by IBM Security QRadar SOAR. IBM has addressed the applicable CVEs CVE-2021-35560, CVE-2021-35578, CVE-2021-35564, CVE-2021-35565, CVE-2021-35588...

Oracle Java SE and Java SE Embedded Remote Code Execution Vulnerability

An unspecified vulnerability exists within Oracle Java Runtime Environment that allows an attacker to perform remote code execution...

Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Connect:Direct Web Services

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 8.0.6.35, used by IBM Connect:Direct Web Services. IBM Connect:Direct Web Services has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-35560 DESCRIPTION: An unspecified vulnerability in Java...

Security Bulletin: IBM QRadar SIEM can be affected by several vulnerabilities in the IBM Java Runtime Environment (CVE-2014-0453, CVE-2014-4263, CVE-2014-4244)

Summary Previous releases of IBM QRadar Security Information and Event Manager, IBM QRadar Vulnerability Manager and IBM QRadar Risk Manager are affected by multiple vulnerabilities reported in the IBM SDK Java Technology Edition Version 6 and 7. Vulnerability Details CVEID: CVE-2014-0453...

Security Bulletin: IBM QRadar SIEM and IBM QRadar Risk Manager can be affected by Multiple Vulnerabilities in the IBM Java Runtime Environment (CVE-2014-3065, CVE-2014-6512)

Summary Previous releases of IBM QRadar SIEM, and IBM QRadar Risk Manager is affected by multiple vulnerabilities reported in the IBM SDK Java Technology Edition Version 6 and 7. Vulnerability Details CVE-ID: CVE-2014-3065 Description: Unspecified vulnerability in IBM Java Runtime Environment cou...

Security Bulletin: A vulnerability in IBM Java Runtime affects TXSeries for Multiplatforms

Summary TXSeries for Multiplatforms has addressed the following vulnerabilities reported by IBM® Runtime Environment Java™ Vulnerability Details CVEID: CVE-2021-35560 DESCRIPTION: An unspecified vulnerability in Java SE related to the Deployment component could allow an unauthenticated attacker t...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Spectrum Control and Tivoli Storage Productivity Center (CVE-2016-5597 CVE-2016-5546 CVE-2016-5548 CVE-2016-5549 CVE-2016-5547 CVE-2016-2183)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ Technology Edition that is shipped and used by IBM Spectrum Control and Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates in October...

Security Bulletin: February 2022 :Multiple vulnerabilities in IBM Java Runtime affect CICS Transaction Gateway

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7.0, 7.1 and 8.0 used by CICS Transaction Gateway. CICS Transaction Gateway has addressed the applicable CVEs. If you run your own Java code using the IBM Java Runtime delivered with this product, you should...

Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Manager.

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition v4.1.1 and v4.2 These have been addressed. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected...

xstream: Server-side request forgery (SSRF) via unsafe deserialization of com.sun.xml.internal.ws.client.sei.*

A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to request data from internal resources that are not publicly available by manipulating the processed input stream with Java runtime versions 14 to 8. The highest thre...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect Snapshot on AIX and Linux (CVE-2018-1890, CVE-2018-12547)

Summary Multiple vulnerabilities in IBM® Runtime Environment Java™ were disclosed as part of the IBM Java SDK updates in January 2019. IBM® Runtime Environment Java™ is used by IBM Spectrum Protect Snapshot formerly Tivoli Storage FlashCopy Manager on AIX and Linux. Vulnerability Details CVEID:...