Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime affect z/Transaction Processing Facility

Summary There are multiple vulnerabilities in IBM® Semeru Runtime Certified Edition 11 that is used by the z/TPF system. z/TPF has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-21628 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by a flaw in the Lightweig...

Amazon Linux 2 : java-11-openjdk (ALASJAVA-OPENJDK11-2023-003)

The version of java-11-openjdk installed on the remote host is prior to 11.0.18.0.10-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2JAVA-OPENJDK11-2023-003 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java ...

Medium: java-11-openjdk

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to...

Amazon Linux 2 : java-1.8.0-openjdk (ALAS-2023-1963)

The version of java-1.8.0-openjdk installed on the remote host is prior to 1.8.0.362.b08-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-1963 advisory. Improve CORBA communication: CORBA deserialization can result in outbound network connections with data passed i...

K15217245: Oracle Java SE vulnerability CVE-2018-2815

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability...

K53146535: Multiple Sun Java vulnerabilities

Security Advisory Description CVE-2013-5870 Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. CVE-2013-5878 Unspecified vulnerability in Oracle Java SE 6u65 and...

K78530002: Java vulnerability CVE-2013-5803

Security Advisory Description Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via...

K50394032: Java SE vulnerabilities CVE-2018-3149, CVE-2018-3169, and CVE-2018-3209

Security Advisory Description CVE-2018-3149 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JNDI. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit...

K16940442: Java SE vulnerability CVE-2018-3136

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacke...

K76444020: OpenJDK vulnerabilities CVE-2019-2933 and CVE-2019-2958

Security Advisory Description CVE-2019-2933 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows...

K17125: Multiple Java vulnerabilities

Security Advisory Description CVE-2015-0458 Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. CVE-2015-0459 Unspecified vulnerability in Oracle Java SE 5.0u8...

K35104614: Java SE vulnerability CVE-2017-10116

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows...

K55136511: Java SE vulnerabilities CVE-2019-2978 and CVE-2019-2989

Security Advisory Description CVE-2019-2978 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows...

K40264570: Java SE vulnerabilities CVE-2019-2987, CVE-2019-2988, and CVE-2019-2992

Security Advisory Description CVE-2019-2987 Vulnerability in the Java SE product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...

K07519400: Java SE vulnerabilities CVE-2019-2602, CVE-2019-2698, CVE-2019-2945, and CVE-2019-2962

Security Advisory Description CVE-2019-2602 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows...

K40521234: Multiple Oracle Java SE vulnerabilities

Security Advisory Description CVE-2016-3458 Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA. CVE-2016-3498 Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows remot...

K62103028: Multiple Java vulnerabilities CVE-2020-2583, CVE-2020-2590, CVE-2020-2593

Security Advisory Description CVE-2020-2583 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows...

K95003704: Java SE vulnerability CVE-2018-3183

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Scripting. Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows...

K31833420: Multiple Oracle Java SE vulnerabilities

Security Advisory Description CVE-2022-21305 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and...

K35253541: Java vulnerability CVE-2020-14797

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker...