Security Bulletin: Multiple vulnerabilities affect CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition.

Summary Java Runtime Environments and IBM Semeru Runtimes are used by CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition. CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition have been updated in order to address the multip...

CVE-2023-46124

CVE-2023-46124 affects the Fides web application. Specially crafted YAML dataset/configs uploaded as a ZIP can trigger Server-Side Request Forgery, allowing a malicious user to issue arbitrary requests to internal resources (including localhost) and exfiltrate data. The root cause is inadequate v...

CVE-2023-46126 Fides JavaScript Injection Vulnerability in Privacy Center URL

Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in runtime environments, helping enforce privacy regulations in code. The Fides web application allows users to edit consent and privacy notices such as cookie banners. The vulnerability mak...

CVE-2023-46126 Fides JavaScript Injection Vulnerability in Privacy Center URL

Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in runtime environments, helping enforce privacy regulations in code. The Fides web application allows users to edit consent and privacy notices such as cookie banners. The vulnerability mak...

[SECURITY] Fedora 36 Update: source-to-image-1.3.1-5.fc36

Source-to-Image S2I is a toolkit and workflow for building reproducible container images from source code. S2I produces ready-to-run images by injecting source code into a container image and letting the container prepare that source code for execution. By creating self-assembling builder images,...

[SECURITY] Fedora 36 Update: source-to-image-1.3.1-4.fc36

Source-to-Image S2I is a toolkit and workflow for building reproducible container images from source code. S2I produces ready-to-run images by injecting source code into a container image and letting the container prepare that source code for execution. By creating self-assembling builder images,...

Security Bulletin: The IBM® Runtime Environments Java™ version shipped with IBM MDM SE engine, Workbench, and Brokers may not address all security vulnerabilities

Summary IBM® Runtime Environment Java™ Technology Edition, Version 1.6 shipped with IBM MDM SE engine, Workbench, and Brokers contains multiple vulnerabilities. IBM MDM SE engine, Workbench, and Brokers has addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2015-0138 DESCRIPTION: A...

Security Bulletin: A vulnerability in IBM® Runtime Environments Java™ Technology Edition Versions affects IBM® Db2®. (January 2021 CPU)

Summary There are multiple vulnerabilities in IBM® Runtime Environments Java™ Technology Edition, Versions 7.0.10.55 and earlier, 7.1.4.55 and earlier, 8.0.6.0 and earlier used by IBM® Db2®. These issues were disclosed as part of the IBM® SDKs Java™ Technology Edition updates in Jan 2021...

Security Bulletin: Vulnerabilities in IBM Runtime Environments Java Technology Edition affect IBM Transformation Extender

Summary There are vulnerabilities in IBM Runtime Environments Java Technology Edition, Versions 7 and 8, IBM SDK, Java Technology Edition Version 8 and Eclipse Open J9 that affect IBM Transformation Extender. Vulnerability Details CVEID: CVE-2020-2593 DESCRIPTION: An unspecified vulnerability in...

Security Bulletin: Vulnerabilities in IBM Runtime Environments Java Technology Edition, Versions 7 & 8, IBM SDK, Java Technology Edition Version 8 and Eclipse OpenJ9 Affect Transformation Extender

Summary There are vulnerabilities in IBM Runtime Environments Java Technology Edition, Versions 7 and 8, IBM SDK, Java Technology Edition Version 8 and Eclipse Open J9 that affect IBM Transformation Extender. Vulnerability Details CVEID: CVE-2019-2989 Description: A flaw in the...

Security Bulletin: Vulnerabilities in IBM Runtime Environments Java Technology Edition, Versions 7 & 8, IBM SDK, Java Technology Edition Version 8 and Eclipse OpenJ9 Affect Transformation Extender

Summary There are vulnerabilities in IBM Runtime Environments Java Technology Edition, Versions 7 and 8, IBM SDK, Java Technology Edition Version 8 and Eclipse Open J9 that affect IBM Sterling Transformation Extender. Vulnerability Details CVEID: CVE-2019-11771 Description: Eclipse OpenJ9 AIX...

Security Bulletin: Vulnerabilities in IBM Runtime Environments Java Technology Edition, Versions 7 & 8, IBM SDK, Java Technology Edition Version 8 and Eclipse OpenJ9 Affect Transformation Extender

Summary There are vulnerabilities in IBM Runtime Environments Java Technology Edition, Versions 7 and 8, IBM SDK, Java Technology Edition Version 8 and Eclipse Open J9 that affect IBM Transformation Extender. Vulnerability Details CVEID: CVE-2018-1890 Description: On the AIX platform, the IBM Jav...

There are vulnerabilities in IBM® Java™ Runtime Environments version 7.0, 7R1 and 8.0 that are used by Rational Host On-Demand (HOD)

Summary There are vulnerabilities in IBM® Java™ Runtime Environments version 7.0, 7R1 and 8.0 that are used by Rational Host On-Demand HOD Security Bulletin: Vulnerability in IBM® Java™ Runtime Environments affects Rational Host On-Demand CVE-2016-5582, CVE-2016-5568, CVE-2016-5556, CVE-2016-5573...

Security Bulletin: Multiple vulnerabilities in IBM Runtime Environments Java Technology Edition, versions 6, 7, & 8 affect Transformation Extender

Summary There are multiple vulnerabilities in IBM® Runtime Environments Java™ Technology Edition versions 6, 7, & 8 that are used by Transformation Extender. This issue was disclosed as part of the IBM Java SDK updates in January and April, 2017. Vulnerability Details CVEID: CVE-2016-5546...

Security Bulletin: Multiple vulnerabilities in IBM Runtime Environments Java Technology Edition, versions 6, 7, & 8 affect Transformation Extender

Summary There are multiple vulnerabilities in IBM® Runtime Environments Java™ Technology Edition versions 6, 7, & 8 that are used by Transformation Extender. This issue was disclosed as part of the IBM Java SDK updates in July 2017. Vulnerability Details CVEID: CVE-2017-10102 DESCRIPTION: An...

Security Bulletin: Multiple vulnerabilities in the IBM Runtime Environments Java Technology Edition, Versions 6 and 7 in TPF Toolkit (CVE-2015-0204, CVE-2015-0478, CVE-2015-0488, CVE-2015-1916, CVE-2015-4000)

Summary Multiple security vulnerabilities exist in the IBM® Runtime Environments Java™ Technology Edition, Versions 6 and 7 that are shipped in TPF Toolkit. Vulnerability Details CVEID: CVE-2015-0204 DESCRIPTION: A vulnerability in the OpenSSL ssl3getkeyexchange function could allow a remote...

Security Bulletin: Multiple vulnerabilities in the IBM Runtime Environments Java Technology Edition, Versions 6 and 7 in TPF Toolkit (CVE-2014-6593, CVE-2015-0410, and CVE-2015-0138)

Summary Multiple security vulnerabilities exist in the IBM® Runtime Environments Java™ Technology Edition, Versions 6 and 7 that are shipped in TPF Toolkit. Vulnerability Details CVEID: CVE-2014-6593 DESCRIPTION: An unspecified vulnerability in Oracle Java SE and JRockit related to the JSSE...

Security Bulletin: Multiple vulnerabilities in IBM® Runtime Environments Java™ Technology Edition, Versions 6, 7, 8 affect IBM Transformation Extender Hypervisor Edition (CVE-2016-0466, CVE-2015-7575)

Summary There are multiple vulnerabilities in IBM® Runtime Environments Java™ Technology Edition, Versions 6, 7, 8 that are used by IBM Transformation Extender Hypervisor Edition. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and include the vulnerability commonl...

CVE-2017-3241

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with...