Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Tivoli Storage Productivity Center (CVE-2016-0363)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6.0.16.21 and earlier that is shipped with Tivoli Storage Productivity Center for download and use with its Java WebStart GUI. These issues were disclosed as part of the IBM Java SDK updates in April 2016...

Security Bulletin: Tivoli Storage Productivity Center - Oracle CPU February 2013, April 2013

Summary Multiple security vulnerabilities exist in the IBM Java SDK that is shipped with IBM Tivoli Storage Productivity Center. Vulnerability Details IBM Tivoli Storage Productivity Center 5.x and 4.x are shipped with an IBM Java SDK that is based on the Oracle JDK. Oracle released February 2013...

Security Bulletin: A vulnerability in IBM Java SDK and IBM Java Runtime affects Rational Service Tester (CVE-2021-35603)

Summary A vulnerability in IBM SDK Java Version 1.8 and IBM Runtime Environment Java Version 1.8 used by Rational Service Tester. Rational Service Tester has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2021-35603 DESCRIPTION: An unspecified vulnerability in Java SE related to th...

Security Bulletin: A vulnerability in IBM Java SDK and IBM Java Runtime affects Rational Service Tester (CVE-2021-35550)

Summary A vulnerability in IBM SDK Java Version 1.8 and IBM Runtime Environment Java Version 1.8 used by Rational Service Tester. Rational Service Tester has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2021-35550 DESCRIPTION: An unspecified vulnerability in Java SE related to th...

OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

Debian: Security Advisory (DSA-5192-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple vulnerabilities in the IBM Java Runtime affect IBM Rational ClearQuest (CVE-2021-35561, CVE-2022-21299, CVE-2022-21496)

Summary There are multiple vulnerabilities in the IBM® Runtime Environment Java™ Versions 7 and 8, which are used by IBM Rational ClearQuest. These issues were disclosed in the IBM Java SDK updates in April 2022. IBM Rational ClearQuest has addressed the applicable CVEs. Vulnerability Details...

Security Bulletin: Multiple vulnerabilities in the IBM Java Runtime affect IBM Rational ClearQuest

Summary There are multiple vulnerabilities in the IBM® Runtime Environment Java™ Versions 7 and 8, which are used by IBM Rational ClearQuest. These issues were disclosed in the IBM Java SDK updates in October 2021. IBM Rational ClearQuest has addressed the applicable CVEs. Vulnerability Details...

Important: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Security Bulletin: Multiple vulnerabilities in the IBM Java Runtime affect IBM Rational ClearCase ( CVE-2021-35578, CVE-2021-35603, CVE-2021-35550, CVE-2021-35561, CVE-2022-21299 )

Summary There are vulnerabilities in the IBM® Runtime Environment Java™ Versions 7 and 8, which is used by IBM Rational ClearCase. These issues were disclosed as part of the IBM Java SDK updates in October 2021 and January 2022. Vulnerability Details CVEID:CVE-2021-35578 DESCRIPTION: An unspecifi...

Important: java-1.8.0-openjdk security, bug fix, and enhancement update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-1.8.0-openjdk 1.8.0.342.b07. BZ2084776 Security Fixes: OpenJDK: integer truncation issue in...

Debian: Security Advisory (DSA-5188-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WebSphere Application Server and IBM HTTP Server Security Bulletin List

Question Is there a list that contains the security bulletins that apply to WebSphere Application Server and IBM HTTP Server? Answer The following table is provided to help you locate WebSphere Application Server and IBM HTTP Server security bulletins. These are listed numerically by CVE number n...

Security Bulletin: Vulnerabilities in IBM Java Runtime affecting Tivoli Netcool/OMNIbus (Multiple CVEs)

Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by Tivoli Netcool/OMNIbus. These were disclosed as part of the IBM Java SDK updates in July 2021, October 2021 and January 2022. Vulnerability Details CVEID: CVE-2021-35550 DESCRIPTION: ...

The vulnerability of the Scripting component of the Java Runtime Environment and the Java Development Kit, which allows attackers to influence the integrity, accessibility, and confidentiality of protected information.

The vulnerability of the Scripting component of the Java Runtime Environment and the Java Development Kit application development tools is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker to influence the integrity, accessibility, and...

The vulnerability of the AtomicReferenceArray class implementation in the Concurrency component of the Java Runtime Environment allows a malicious actor to trigger a service failure.

The vulnerability of the AtomicReferenceArray class implementation in the Java Runtime Environment concurrency component is related to errors in object type handling. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Functional Tester. Rational Functional Tester has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2022-21496 DESCRIPTION: An...

Security Bulletin: Vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect Operations Center and Client Management Service (CVE-2021-35550, CVE-2021-35603)

Summary Vulnerabilities in IBM® Runtime Environment Java™ were disclosed as part of the IBM Java SDK updates in October 2021. IBM® Runtime Environment Java™, used by IBM Spectrum Protect Operations Center and Client Management Service, may be affected by the below vulnerabilities CVEs...

Security Bulletin: Vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect Server (CVE-2021-35550, CVE-2021-35603)

Summary Vulnerabilities in IBM® Runtime Environment Java™ were disclosed as part of the IBM Java SDK updates in October 2021. IBM® Runtime Environment Java™ is used by IBM Spectrum Protect Server and may be affected by the below vulnerabilities CVEs. Vulnerability Details CVEID: CVE-2021-35603...

The vulnerability of the Java Runtime Environment software platform arises from operations that go beyond the buffer boundaries in memory, allowing attackers to compromise the integrity of the runtime environment or disable the security monitor.

The vulnerability of the Java Runtime Environment software platform arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to compromise the integrity of the system or disable the security controller...