Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM i

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-14779 DESCRIPTION: An unspecified vulnerability in Java SE related to the Serialization...

Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Connect:Direct Web Service

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 8.0.6.5, used by IBM Connect:Direct Web Service. IBM Connect:Direct Web Services has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-2604 DESCRIPTION: An unspecified vulnerability in Java SE...

Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect Connect:Direct Web Service

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 8.0.6.5, used by Connect : Direct web service. Connect:Direct Web Services has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2019-11771 DESCRIPTION: Eclipse OpenJ9 could allow a local attacker ...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect ITCAM for SOA (March 2021)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6/7 used by ITCAM for SOA. ITCAM for SOA has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-14779 DESCRIPTION: An unspecified vulnerability in Java SE related to the Serialization component...

Security Bulletin: IBM Java Runtime Vulnerabilities affect the IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtual Environments

Summary Vulnerabilities in IBM® Runtime Environment Java™ such as denial of service and ability to obtain sensitive information could affect the IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtual Envionments. These...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Host On-Demand

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by Host On-Demand. Host On-Demand has addressed the applicable CVEs. These issues were disclosed as part of the IBM Java SDK and Runtime Environment updates in July 2020. Vulnerability Details CVEID:...

Security Bulletin: A vulnerability in IBM Java Runtime affects IBM Installation Manager and IBM Packaging Utility

Summary There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by IBM Installation Manager and IBM Packaging Utility. The IBM Installation Manager and IBM Packaging Utility have addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-14577 DESCRIPTION: An unspecifie...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect z/TPF

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by the z/TPF system. z/TPF has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-14797 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow...

Security Bulletin: Multiple CVEs - Vulnerabilities in IBM Java Runtime affect IBM Integration Designer used in IBM Business Automation Workflow and IBM Business Process Manager

Summary Vulnerabilities in IBM® Runtime Environment Java™ Versions 7 and 8 used by IBM Integration Designer. IBM Integration Designer has addressed the following CVEs. Vulnerability Details CVEID: CVE-2020-14579 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries compone...

java-1.8.0-openjdk bug fix and enhancement update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Bug Fixes and Enhancements: Currently, Java applications run with Speculative Store Bypass SSB, CVE-2018-3639 disabled. Disabling SSB results in a performance degradatio...

Security Bulletin: CVE-2019-4732 vulnerability in IBM Java Runtime affects IBM Integration Designer used in IBM Business Automation Workflow and IBM Business Process Manager

Summary A vulnerability exists in IBM® Runtime Environment Java™ Versions 7 and 8 used by IBM Integration Designer. IBM Integration Designer has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2019-4732 DESCRIPTION: IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55...

Security Bulletin: Multiple vulnerabilities in the IBM Java Runtime affect IBM Spectrum Scale Transparent Cloud Tiering (CVE-2020-14577, CVE-2020-14578, CVE-2020-14579)

Summary There are vulnerabilities in the IBM® Runtime Environment Java™ Version 8, which is used by BM Spectrum Scale Transparent Cloud Tiering . These issues were disclosed as part of the IBM SDK, Java Technology Edition Quarterly CPU - Jul 2020 - Includes Oracle Jul 2020 CPU plus one additional...

XStream: remote code execution due to insecure XML deserialization when relying on blocklists

A flaw was found in xstream. An unsafe deserialization of user-supplied XML, in conjunction with relying on the default deny list, allows a remote attacker to perform a variety of attacks including a remote code execution of arbitrary code in the context of the JVM running the XStream application...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime 1.8 affect IBM Sterling Secure Proxy

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 used by IBM Sterling Secure Proxy. IBM Sterling Secure Proxy has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-14579 DESCRIPTION: An unspecified vulnerability in Java SE related to the...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Rational Synergy

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6 Service Refresh 16 Fix Pack 50 and earlier releases used by IBM Rational Synergy. These issues were disclosed as part of the IBM Java SDK updates in October 2017 and January 2018. Vulnerability Details If you r...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Synergy (CVE-2016-3426)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 Service Refresh 16 Fix Pack 20 that is used by IBM Rational Synergy. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details CVEID: CVE-2016-3426...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Synergy (CVE-2016-0475 and CVE-2015-7575)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 Service Refresh 16 Fix Pack 15 and earlier releases that is used by Rational Synergy. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the...

Security Bulletin: Multiple Vulnerabilities in Rational Synergy

Summary Vulnerabilities in the Java Runtime Environment JRE 6 SR10 and earlier component shipped with Rational Synergy may affect the security of the product. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for...

Security Bulletin: Unspecified Vulnerabilities in Rational Synergy (CVE-2012-0502,CVE-2012-0503,CVE-2012-0506,CVE-2012-0507,CVE-2011-3563,CVE-2012-0500,CVE-2012-0497,CVE-2012-0498,CVE-2012-0499,CVE-2012-0500,CVE-2012-0501,CVE-2012-0505,CVE-2011-5035)

Summary Vulnerabilities in the Java Runtime Environment JRE 6 update 32 and earlier component shipped with IBM Rational Synergy may affect the security of the product. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Rational Synergy

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6 Service Refresh 16 Fix Pack 30 and earlier releases used by IBM Rational Synergy. These issues were disclosed as part of the IBM Java SDK updates in Jul 2017. Vulnerability Details If you run your own Java code...