Security Bulletin: IBM CICS TX Advanced is vulnerable to a denial of service exposure due to IBM SDK, Java Technology Edition

Summary IBM SDK, Java Technology Edition is used by CICS TX Advanced to run WebSphere Liberty, Fix Installer and Java based CICS applications. The fix removes the denial of service vulnerability CVE-2022-21299 from IBM SDK, JTE. Vulnerability Details CVEID:CVE-2022-21299 DESCRIPTION: An unspecifi...

Security Bulletin: IBM CICS TX Advanced is vulnerable to no confidentiality impact, high integrity impact, and no availability impact (CVE-2021-2163)

Summary IBM CICS TX Advanced could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact. The fix removes this vulnerability CVE-2021-2163 from IBM CICS TX Advanced. Vulnerability Details CVEID:CVE-2021-2163 DESCRIPTION: An...

Security Bulletin: Multiple vulnerabilities in Java SE affect IBM CICS TX Advanced

Summary Java SE is used by IBM CICS TX Advanced to run WebSphere Liberty, Fix Installer and Java based CICS applications in the product. The following CVEs are applicable: Denial of service CVEs - CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-21341, CVE-2022-21340, CVE-2022-21294,...

Security Bulletin: A vulnerability (CVE-2021-35550) in Java SE affects IBM CICS TX Advanced

Summary Java SE is used by IBM CICS TX Advanced to run WebSphere Liberty, Fix Installer and Java based CICS applications in the product. The fix removes vulnerability CVE-2021-35550 that allows an unauthenticated attacker to obtain sensitive information resulting in a high confidentiality impact...

Security Bulletin: A vulnerability in IBM Java Runtime affects IBM CICS TX on Cloud

Summary IBM CICS TX on Cloud has addressed the following vulnerability reported by IBM® Runtime Environment Java™ Version 8.0 Vulnerability Details CVEID:CVE-2020-2601 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded Security component could all...

Security Bulletin: A vulnerability in IBM Java Runtime affects IBM CICS TX on Cloud

Summary IBM CICS TX on Cloud has addressed the following vulnerability reported by IBM® Runtime Environment Java™ Vulnerability Details CVEID:CVE-2020-14781 DESCRIPTION: An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to obtain sensiti...

Security Bulletin: A vulnerability in IBM Java Runtime affects IBM CICS TX on Cloud

Summary IBM CICS TX on Cloud has addressed the following vulnerabilities reported by IBM® Runtime Environment Java™ Vulnerability Details CVEID:CVE-2021-35560 DESCRIPTION: An unspecified vulnerability in Java SE related to the Deployment component could allow an unauthenticated attacker to take...

Security Bulletin: IBM Sterling Control Center is vulnerable to a denial of service due to Jave SE (CVE-2022-21626)

Summary An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. Vulnerability Details CVEID:CVE-2022-21626 DESCRIPTION: An unspecified...

Security Bulletin: IBM PowerVM Novalink is vulnerable because Java SE is vulnerable to a denial of service, caused by a flaw in the Lightweight HTTP Server. (CVE-2022-21628)

Summary IBM PowerVM Novalink is vulnerable because Java SE is vulnerable to a denial of service, caused by a flaw in the Lightweight HTTP Server. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. Vulnerability Detail...

Security Bulletin: Multiple Vulnerabilities (CVE-2022-21628, CVE-2022-21626, CVE-2022-21624, CVE-2022-21619) affects CICS Transaction Gateway.

Summary IBM® Runtime Environment Java™ is used by CICS Transaction Gateway. The fix removes vulnerabilities CVE-2022-21628, CVE-2022-21626, CVE-2022-21624 and CVE-2022-21619 that can allow an unauthenticated attacker to obtain sensitive information. Vulnerability Details CVEID:CVE-2022-21628...

Security Bulletin: Vulnerabilities in IBM Semeru Runtime affect SPSS Collaboration and Deployment Services (CVE-2022-21628, CVE-2022-21626, CVE-2022-21618, CVE-2022-39399, CVE-2022-21624, CVE-2022-21619, CVE-2022-3676)

Summary There are vulnerabilities in IBM® Semeru Runtime Open Edition 11 used by SPSS Collaboration and Deployment Services. These issues have been addressed. Vulnerability Details CVEID:CVE-2022-21628 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by a flaw in the Lightweight...

Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2023-1319)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : java-1.8.0-openjdk (EulerOS-SA-2023-1319)

According to the versions of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported...

Security Bulletin: Unspecified vulnerability in Java Affects IBM Infosphere Global Name Management (CVE-2022-21496)

Summary The Java used in IBM Global Name Management has an unspecified vulnerability related to the JNDI component. Within GNM, this issue only affects ENS, a part of GNM 6 installed by a small minority of GNM customers. For GNM customers not using ENS, there is no vulnerability. Vulnerability...

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition for IBM Content Collector for SAP Applications

Summary Multiple Vulnerabilities were disclosed as part of the Oracle October 2022 Critical Patch Update. Vulnerability Details CVEID:CVE-2022-21628 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by a flaw in the Lightweight HTTP Server. By sending a specially-crafted request, ...

Rocky Linux 8 : java-1.8.0-openjdk (RLSA-2023:0208)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0208 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are...

Amazon Linux 2 : java-1.8.0-openjdk, java-1.8.0-openjdk-accessibility, java-1.8.0-openjdk-demo (ALAS-2023-1922)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1922 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf,...

Debian dla-3307 : openjdk-11-dbg - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3307 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3307-1 [email protected]...

Amazon Linux AMI : java-1.8.0-openjdk, java-1.8.0-openjdk-demo, java-1.8.0-openjdk-devel (ALAS-2023-1678)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1678 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf,...

Fedora 36 : java-17-openjdk (2023-df5421d170)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-df5421d170 advisory. New in release OpenJDK 17.0.6 2023-01-17 CVEs Fixed - CVE-2023-21835 - CVE-2023-21843 Security Fixes - JDK-8286070: Improve UTF8 representation -...