Security Bulletin: The IBM® SDK Java Technology Edition, October 2021 CPU affect multiple IBM Continuous Engineering products based on IBM Jazz Technology

Summary There are multiple security vulnerabilities that are addressed in the IBM® SDK Java Technology Edition, October 2021 CPU. The following products: IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management CLM, Engineering...

CVE-2022-31159 Partial Path Traversal in com.amazonaws:aws-java-sdk-s3

The AWS SDK for Java enables Java developers to work with Amazon Web Services. A partial-path traversal issue exists within the downloadDirectory method in the AWS S3 TransferManager component of the AWS SDK for Java v1 prior to version 1.12.261. Applications using the SDK control the...

Security Bulletin: The IBM® SDK Java Technology Edition 8.0.7.5 contains additional security fixes that can be applied to IBM Continuous Engineering products based on IBM Jazz Technology

Summary There are security vulnerabilities that are addressed in the IBM® SDK Java Technology Edition 8.0.7.5. The following products: IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management CLM, Engineering Lifecycle Management ELM...

Security Bulletin: The IBM® SDK Java Technology Edition 8.0.7.5 contains additional security fixes that can be applied to IBM Continuous Engineering products based on IBM Jazz Technology

Summary There are security vulnerabilities that are addressed in the IBM® SDK Java Technology Edition 8.0.7.5. The following products: IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management CLM, Engineering Lifecycle Management ELM...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - April 2022 - Includes Oracle April 2022 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7, and 8 that are used by Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Netcool Impact

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2022-21365 DESCRIPTION: An unspecified vulnerability in Java SE related to th...

Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700 - October 2021 & January 2022

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8, as used by IBM Virtualization Engine TS7700. These issues were disclosed as part of the IBM Java SDK updates in October 2021 and January 2022. IBM Virtualization Engine TS7700 has addressed the applicable...

Security Bulletin: IBM SDK, Java Technology Edition, Security Update October 2021

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 8 that are used by Rational Application Developer®. These issues were disclosed as part of the IBM Java SDK updates in October 2021. IBM 8 Fix SR7 FP5 8.0.7.5. Vulnerability Details CVEID: CVE-2022-21365 DESCRIPTION:...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2022 - Includes Oracle® January 2022 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. These issues were disclosed as part of the IBM Java SDK updates in Jan 2022. Vulnerability...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager (CVE-2021-35603)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition used by IBM Tivoli System Automation Application Manager. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|---...

Security Bulletin: Enterprise Content Management System Monitor is affected by a vulnerability in IBM® SDK Java™ Technology Edition

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by Enterprise Content Management System Monitor. Enterprise Content Management System Monitor has addressed the applicable CVEs Vulnerability Details CVEID: CVE-2022-21341 DESCRIPTION: An unspecified...

Security Bulletin: The IBM® SDK Java Technology Edition, October 2021 CPU affect IBM Common Licensing (CVE-2021-35560, CVE-2021-35586, CVE-2021-35578, CVE-2021-35564, CVE-2021-35559, CVE-2021-35556, CVE-2021-35565, CVE-2021-35588, CVE-2021-41035)

Summary There are multiple security vulnerabilities that are addressed in the IBM® SDK Java Technology Edition, October 2021 CPU, found in the IBM® Runtime Environment Java™ used by IBM License Key Server Administration and Reporting Tool and its Agent. Vulnerability Details Refer to the security...

Security Bulletin: Vulnerability in IBM SDK, Java Technology (CVE-2022-21341, CVE-2022-21294, CVE-2022-21293 and CVE-2022-21248) affects Power HMC

Summary IBM Java is used by IBM Power Hardware Management Console HMC for running java applications and services. This bulletin provides a remediation for the impacted vulnerabilities, CVE-2022-21341, CVE-2022-21294, CVE-2022-21293 and CVE-2022-21248 by upgrading IBM Power Hardware Management...

Security Bulletin: A vulnerabbility exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager (CVE-2021-35603).

Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2, which was disclosed in the Oracle October 2021 Critical Patch Update Vulnerability Details Refer to the security bulletins listed in the...

Security Bulletin: A vulnerabbility exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Manager (CVE-2021-35550).

Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition v4.2, which was disclosed in the Oracle October 2021 Critical Patch Update. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

Security Bulletin: A vulnerability in IBM Java SDK affects IBM Standards Processing Engine and IBM Transformation Extender Advanced (CVE-2015-4872)

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 7 and 8, that is used by IBM Standards Processing Engine and IBM Transformation Extender Advanced. This issue was disclosed as part of the IBM Java SDK updates for October 2015. Vulnerability Details CVEID: CVE-2015-48...

com.amazon.aes.webservices.client:ec2-java-client (=20080327), com.cybersource:cybersource-sdk-java (>=6.2.0 <=6.2.1) +83 more potentially affected by CVE-2015-0227 via wss4j:wss4j (>=1.5.0 <=1.5.1)

wss4j:wss4j MAVEN version =1.5.0, =6.2.0, =1.0.12, =9.00.2110.07.220316, =0.0.9, =0.0.3, =0.0.3, =0.0.3, =0.0.3, =0.3.0 - com.github.rapidark:rapid-ark-pretty =0.3.0 - com.github.rapidark:rapid-ark-pretty-demo =0.3.0 - com.github.rapidark:rapid-ark-pretty-demo-keeper =0.3.0 -...

br.net.woodstock.rockframework:rockframework-web (>=1.2.1 <=1.2.2), com.cybersource:cybersource-sdk-java (>=6.0.1 <=6.1.0) +401 more potentially affected by CVE-2014-3623 via org.apache.ws.security:wss4j (>=1.5.10 <=1.6.16)

org.apache.ws.security:wss4j MAVEN version =1.5.10, =1.2.1, =6.0.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =4.0.3, =1.0.0, =1.0, =1.0.1, =2.4.0, =2.6.16 and more Source cves: CVE-2014-3623 Source advisory: OSV:GHSA-99V3-9X35-C5VF...

Security Bulletin: Vulnerability in IBM SDK Java affects IBM Cloud Pak System (CVE-2020-27221)

Summary Vulnerability in IBM SDK Java affects IBM Cloud Pak System. OS Image for Red Enterprise Linux shipped with Cloud Pak System addressed this vulnerability. Vulnerability Details CVEID: CVE-2020-27221 DESCRIPTION: Eclipse OpenJ9 is vulnerable to a stack-based buffer overflow when the virtual...

Security Bulletin: IBM SDK, Java Technology Edition, Security Update October 2021

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 8 that are used by Rational Application Developer®. These issues were disclosed as part of the IBM Java SDK updates in October 2021. IBM 8 Fix SR7 FP5 8.0.7.5. Vulnerability Details CVEID: CVE-2021-41035 DESCRIPTION:...