Oracle Linux 9 : java-17-openjdk (ELSA-2023-5753)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-5753 advisory. - OpenJDK: memory corruption issue on x8664 with AVX-512 JDK-8317121 CVE-2023-22025 - OpenJDK: certificate path validation issue during client...

Security Bulletin: Multiple vulnerabilities exist in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Manager.

Summary Multiple vulnerabilities exist in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition v4.2. CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938, CVE-2023-2597 Vulnerability Details...

Security Bulletin: A vulnerability exists in the IBM® SDK, Java™ Technology Edition affecting IBM Tivoli Network Manager (CVE-2023-22045, CVE-2023-22049).

Summary Vulnerabilities CVE-2023-22045, CVE-2023-22049 exist in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition v4.2. Vulnerability Details CVEID: CVE-2023-22045 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component...

Oracle Linux 8 : java-17-openjdk (ELSA-2023-5751)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-5751 advisory. - OpenJDK: memory corruption issue on x8664 with AVX-512 JDK-8317121 CVE-2023-22025 - OpenJDK: certificate path validation issue during client...

Debian dla-3636 : openjdk-11-dbg - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3636 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3636-1 [email protected] https://www.debian.org/lts/security/...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : java-11-openjdk (SUSE-SU-2023:4198-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4198-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE...

Debian DSA-5537-1 : openjdk-11 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5537 advisory. Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in bypass of sandbox restrictions or denial of service. For the oldstab...

Oracle Linux 9 : java-11-openjdk (ELSA-2023-5744)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5744 advisory. - OpenJDK: certificate path validation issue during client authentication 8309966 CVE-2023-22081 Tenable has extracted the preceding description block directly...

Oracle Linux 8 : java-11-openjdk (ELSA-2023-5742)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5742 advisory. - OpenJDK: certificate path validation issue during client authentication 8309966 CVE-2023-22081 Tenable has extracted the preceding description block directly...

Security Bulletin: IBM PowerVM Novalink is vulnerable because An unspecified vulnerability in Java SE related to the VM component. (CVE-2023-22045)

Summary Security Bulletin: IBM PowerVM Novalink is vulnerable because An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause low confidentiality impacts. Vulnerability Details CVEID: CVE-2023-22045 DESCRIPTION: An unspecified vulnerability in Ja...

Security Bulletin: IBM QRadar SIEM includes components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-34981 DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain...

Security Bulletin: Vulnerabilities in IBM Java Runtime affecting Tivoli Netcool/OMNIbus (Multiple CVEs)

Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by Tivoli Netcool/OMNIbus. These were disclosed as part of the IBM Java SDK updates in April 2023. Affected platforms are AIX, Linux, Linux on zSystems, and Windows. Vulnerability Detail...

Medium: java-11-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 20.0.2; Oracle GraalVM for JDK: 17.0.8 and 20.0.2. Easily exploitable vulnerability...

Rocky Linux 8 : java-11-openjdk (RLSA-2023:5742)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:5742 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE:...

Amazon Linux 2023 : java-21-amazon-corretto, java-21-amazon-corretto-devel, java-21-amazon-corretto-headless (ALAS2023-2023-399)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-399 advisory. Memory corruption bug on JDK 21 and 20 when AVX-512 is enabled. CVE-2023-22025 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE. Supported...

Amazon Linux 2023 : java-17-amazon-corretto, java-17-amazon-corretto-devel, java-17-amazon-corretto-headless (ALAS2023-2023-400)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-400 advisory. Memory corruption bug on JDK 21 and 20 when AVX-512 is enabled. CVE-2023-22025 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE. Supported...

Amazon Linux 2023 : java-1.8.0-amazon-corretto, java-1.8.0-amazon-corretto-devel (ALAS2023-2023-398)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-398 advisory. Vulnerability in Oracle Java SE component: CORBA. Supported versions that are affected are Oracle Java SE: 8u381 and 8u381-perf. Easily exploitable vulnerability allows unauthenticated attacker...

Amazon Linux 2023 : java-11-amazon-corretto, java-11-amazon-corretto-devel, java-11-amazon-corretto-headless (ALAS2023-2023-401)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-401 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 20.0.2...

AlmaLinux 8 : java-17-openjdk (ALSA-2023:5751)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5751 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Hotspot. Supported...

AlmaLinux 9 : java-17-openjdk (ALSA-2023:5753)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5753 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Hotspot. Supported...