Fedora 35 : java-1.8.0-openjdk (2022-b050ae8974)

"The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-b050ae8974 advisory. New in release OpenJDK 8u352 2022-10-18 Release announcement Full release notes Security Fixes JDK-8282252: Improve BigInteger/Decimal validation...

Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs

Summary Multiple vulnerabilities were fixed in IBM Cloud Pak for Watson AIOps version 3.6. Vulnerability Details CVEID:CVE-2018-8023 DESCRIPTION: Apache Mesos could allow a remote attacker to obtain sensitive information, caused by a timing attack in the JSON Web Token JWT implementation. By...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.1.8)

The version of AOS installed on the remote host is prior to 6.5.1.8. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.1.8 advisory. - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 - If Apache Tomcat 8.5.0...

SUSE SLES15: java-1_8_0-openjdk / java-1_8_0-openjdk-accessibility / etc (SUSE-SU-2022:4452-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4452-1 advisory. Update to version jdk8u352 icedtea-3.25.0: - CVE-2022-21619,CVE-2022-21624: Fixed difficult to exploit vulnerability...

SUSE SLES12: java-1_8_0-openjdk / java-1_8_0-openjdk-demo / etc (SUSE-SU-2022:4373-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4373-1 advisory. Update to version jdk8u352 icedtea-3.25.0: - CVE-2022-21619,CVE-2022-21624: Fixed difficult to exploit vulnerability allows...

OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerabili...

OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to...

Moderate: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Security Bulletin: IBM Enterprise Content Management System Monitor is affected by CVE-2021-2163

Summary IBM Enterprise Content Management System Monitor is affected by CVE-2021-2163 and IBM Enterprise Content Management System Monitor team has addressed it. Vulnerability Details CVEID:CVE-2021-2163 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could...

F5 Networks BIG-IP : Java vulnerability (K71522481)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K71522481 advisory. - Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE component...

Security Bulletin: A security vulnerability has been identified in IBM® SDK, Java™ Technology Edition shipped with IBM Tivoli Business Service Manager (CVE-2021-2163)

Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about a security vulnerability affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details CVEID:CVE-2021-2163 DESCRIPTION: An...

Security Bulletin: IBM Sterling External Authentication Server vulnerable to unspecified issue due to Java SE (CVE-2021-2163)

Summary A Java vulnerability affects IBM Sterling External Authentication Server. Issue has been addressed. Vulnerability Details CVEID:CVE-2021-2163 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no...

F5 Networks BIG-IP : Java vulnerability (K35253541)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K35253541 advisory. Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that...

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities including those in Node.js, swagger, jQuery, Netty, Apache commons, validator.js, Chalk ansi-regex, Json-schema, Java SE and IBM WebSphere Application Server Liberty. Vulnerability Details CVEID:CVE-2021-4453...

Security Bulletin: IBM Cloud Transformation Advisor is affected by multiple IBM Java Runtime vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple IBM Java Runtime vulnerabilities. Vulnerability Details CVEID:CVE-2021-2388 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to take control of the system. CVSS...

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities including those in Node.js, Java SE and various other libraries. Vulnerability Details CVEID:CVE-2022-0778 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a flaw in the BNmodsqrt function...

SUSE SLES12: java-1_8_0-ibm / java-1_8_0-ibm-alsa / java-1_8_0-ibm-devel / etc (SUSE-SU-2022:4290-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4290-1 advisory. - CVE-2022-21626: An unauthenticated attacker with network access via HTTPS can compromise Oracle Java SE, Oracle GraalVM Enterpris...

SUSE: Security Advisory (SUSE-SU-2022:4290-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:4290-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: - CVE-2022-21626: An unauthenticated attacker with network access via HTTPS can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition bsc1204471. - CVE-2022-21618: An unauthenticated attacker with network access via Kerberos can...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect App Connect Professional.

Summary There are multiple vulnerabilities in the IBM SDK Java Technology used by App Connect Professional. These issue were disclosed as part of the IBM Java SDK updates in Jul pr 2022, App Connect Professional have addressed the applicable CVEs. These vulnerabilities are addressed in App connec...