Security Bulletin: Vulnerabilites in Java SE affect IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Virtual Environments and IBM Spectrum Protect for Space Management (CVE-2022-21628, CVE-2022-21626, CVE-2022-21624, CVE-2022-21619)

Summary IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Virtual Environments Data Protection for Microsoft Hyper-V and Data Protection for VMware, and IBM Spectrum Protect for Space Management can be affected by vulnerabilities in Java SE. Vulnerabilities include denial of...

Security Bulletin: Vulnerability in Java SE may affect IBM Spectrum Protect Operations Center (CVE-2022-21626)

Summary IBM Spectrum Protect Operations Center may be affected by vulnerabilityies in Java SE such as denial of service attack, as described by the CVEs in the "Vulnerability Details" section. Vulnerability Details CVEID:CVE-2022-21626 DESCRIPTION: An unspecified vulnerability in Java SE related ...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : java-11-openjdk (SUSE-SU-2023:0752-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0752-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java ...

Security Bulletin: Vulnerabilities in Golang Go and Java SE might affect IBM Spectrum Copy Data Management (CVE-2022-41717, CVE-2023-21830, CVE-2023-21835, CVE-2023-21843)

Summary Vulnerabilities in Golang Go and Java SE might affect IBM Spectrum Copy Data Management. Vulnerabilities include denial of service attacks, as described by the CVEs in the "Vulnerability Details" section. Vulnerability Details CVEID:CVE-2022-41717 DESCRIPTION: Golang Go is vulnerable to a...

SUSE SLES15: java-1_8_0-openjdk / java-1_8_0-openjdk-accessibility / etc (SUSE-SU-2023:0720-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0720-1 advisory. Updated to version jdk8u362 icedtea-3.26.0: - CVE-2023-21830: Fixed improper restrictions in CORBA deserialization...

Security Bulletin: A vulnerability (CVE-2022-21299) in IBM Java Runtime affects CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition

Summary IBM® Runtime Environment Java™ Versions 7.0, 7.1 and 8.0 is used by CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition. The fix removes vulnerability CVE-2022-21299 that could allow an unauthenticated attacker to cause a denial of service. Vulnerabili...

Security Bulletin: multiple vulnerabilities in Java SE may affect TXSeries for Multiplatforms

Summary TXSeries for Multiplatforms has addressed multiple vulnerabilities in Java SE CVE-2022-21628, CVE-2022-21626, CVE-2022-21624 and CVE-2022-21619. Vulnerability Details CVEID:CVE-2022-21628 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by a flaw in the Lightweight HTTP...

Security Bulletin: multiple vulnerabilities in Java SE may affect CICS TX Advanced

Summary CICS TX Advanced has addressed multiple vulnerabilities in Java SE CVE-2022-21628, CVE-2022-21626, CVE-2022-21624 and CVE-2022-21619. Vulnerability Details CVEID:CVE-2022-21628 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by a flaw in the Lightweight HTTP Server. By...

Security Bulletin: multiple vulnerabilities in Java SE may affect CICS TX Standard

Summary CICS TX Standard has addressed multiple vulnerabilities in Java SE CVE-2022-21628, CVE-2022-21626, CVE-2022-21624 and CVE-2022-21619. Vulnerability Details CVEID:CVE-2022-21628 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by a flaw in the Lightweight HTTP Server. By...

SUSE SLES11: java-1_7_0-ibm / java-1_7_0-ibm-alsa / java-1_7_0-ibm-devel / etc (SUSE-SU-2022:14926-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:14926-1 advisory. Update Java 7.0 to Service Refresh 11 Fix Pack 5 bsc1197126. Including fixes for the following vulnerabilities: CVE-2022-21366, CVE-2022-21365...

SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2022:14876-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:14876-1 advisory. - Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported...

Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2023-1506)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : java-1.8.0-openjdk (EulerOS-SA-2023-1506)

According to the versions of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported...

Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2023-1697)

The version of java-1.8.0-openjdk installed on the remote host is prior to 1.8.0.362.b08-1.72. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1697 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE...

Medium: java-1.8.0-openjdk

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JNDI. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands may be vulnerable to denial of service due to [CVE-2023-21830, CVE-2023-21835, CVE-2023-21843]

Summary Java SE is used by IBM App Connect Enterprise Certified Container by the component that stores DesignerAuthoring flows and by the component that provides mapping assistance. IBM App Connect Enterprise Certified Container DesignerAuthoring operands may be vulnerable to denial of service...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2022 - Includes Oracle October 2022 CPU and IBM Java - OpenJ9 CVE-2022-3676

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 8 that are used by Rational Software Architect Designer and Rational Software Architect Designer for Websphere Software. These issues were disclosed as part of the IBM Java SDK updates in Oct 2022 and IBM Ja...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : OpenJDK vulnerabilities (USN-5897-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5897-1 advisory. Juraj Somorovsky, Marcel Maehren, Nurullah Erinola, and Robert Merget discovered that the DTLS implementation in the JSSE subsyst...

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : OpenJDK vulnerabilities (USN-5898-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5898-1 advisory. It was discovered that the Serialization component of OpenJDK did not properly handle the deserialization of some COR...

Security Bulletin: IBM b-type SAN directors and switches affected by Java Technology Edition Quarterly CPU - Jan 2017 vulnerabilities.

Summary IBM b-type SAN directors and switches addressing CVEs pertaining to vulnerabilities in Java Technology Edition Quarterly CPU - Jan 2017. Vulnerability Details Relevant CVE Information: CVEID: CVE-2017-3289 DESCRIPTION: An unspecified vulnerability in Oracle Java SE and Java SE Embedded...