PT-2023-4049

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u371-perf, 17.0.7, 20.0.1 Oracle GraalVM Enterprise Edition versions 21.3.6, 22.3.2 Oracle GraalVM for JDK versions 17.0.7, 20.0.1 Description The issue is related to errors in processing input data in the Hotspot...

Oracle Java SE 安全漏洞

Oracle Java SE and Oracle GraalVM are both products of Oracle Corporation.Oracle Java SE is a product for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments.Oracle GraalVM is a set of on-the-fly compilers written in the Java language...

Oracle Java SE 安全漏洞

Oracle Java SE is an Oracle product for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments. A security vulnerability exists in Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE, which...

Oracle Java SE 安全漏洞

Oracle Java SE and Oracle GraalVM are both products of Oracle Corporation.Oracle Java SE is a product for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments.Oracle GraalVM is a set of on-the-fly compilers written in the Java language...

PT-2023-4051

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 11.0.19, 17.0.7, 20.0.1 Oracle GraalVM Enterprise Edition versions 20.3.10, 21.3.6, 22.3.2 Oracle GraalVM for JDK versions 17.0.7, 20.0.1 Description The issue is related to errors in processing input data in the Utilit...

OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploi...

Important: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploi...

OpenJDK: missing string checks for NULL characters (8296622)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to explo...

The vulnerability of the Keytool component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Keytool component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to modify, add, or delete data...

Security Bulletin: IBM Security SOAR is using a component with multiple known vulnerabilities

Summary IBM Security SOAR uses an older version of Java that may be identified and exploited. An update has been released which addresses these issues. It is recommended upgrading to Version 49.1 or later of IBM Security SOAR. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified...

Security Bulletin: Enterprise Content Management System Monitor is affected by a vulnerability in Oracle Java SE

Summary There is a vulnerability in Oracle Java SE used by Enterprise Content Management System Monitor. Enterprise Content Management System Monitor has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK (April 2023) affect IBM InfoSphere Information Server

Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in April 2023. Vulnerability Details CVEID:CVE-2023-21967 DESCRIPTION: An unspecified...

SUSE SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2021:3797-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3797-1 advisory. - Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions tha...

The vulnerability of the JSE component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the JSE component of Oracle Java SE software and the Oracle GraalVM Enterprise Edition virtual machine is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Functional Tester. Rational Functional Tester has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An...

Security Bulletin: Multiple vulnerabilities in the IBM SDK, Java Technology Edition affects APM Agents for Monitoring

Summary Multiple vulnerabilities in the Oracle Java SE and the Java SE Embedded impact the IBM SDK, Java Technology Edition. This effects all IBM Cloud Application Performance Management agents, all versions. Vulnerability Details CVEID:CVE-2021-28167 DESCRIPTION: Eclipse Openj9 could allow a...

Security Bulletin: IBM Sterling Connect:Direct FTP+ is vulnerable to unspecified vulnerabilities due to IBM Runtime Environment Java Technology Edition

Summary IBM Java is used by IBM Sterling Connect:Direct FTP+ on AIX, Linux, and Windows platforms in product configuration and data transmission. IBM Sterling Connect:Direct FTP+ on AIX, Linux, and Windows platforms is impacted by unspecified vulnerabilities in IBM Java. IBM Sterling Connect:Dire...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 8 used by AIX. AIX has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSS...

Multiple vulnerabilities in IBM Java SDK affect AIX

IBM SECURITY ADVISORY First Issued: Tue Jul 11 10:46:27 CDT 2023 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/javajul2023advisory.asc Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX...