High Severity

IBM Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition

Share this post:

Java SE issues disclosed in the Oracle July 2019 Critical Patch Update, plus four additional vulnerabilities

CVE(s): CVE-2019-7317, CVE-2019-2769, CVE-2019-2762, CVE-2019-2816, CVE-2019-2786, CVE-2019-2766, CVE-2019-11772, CVE-2019-11775, CVE-2019-4473, CVE-2019-11771

Affected product(s) and affected version(s):
IBM SDK, Java Technology Edition, Version 7 Service Refresh 10 Fix Pack 45 and earlier releases
IBM SDK, Java Technology Edition, Version 7R1 Service Refresh 4 Fix Pack 45 and earlier releases
IBM SDK, Java Technology Edition, Version 8 Service Refresh 5 Fix Pack 37 and earlier releases

For detailed information on which CVEs affect which releases, please refer to the IBM SDK, Java Technology Edition Security Vulnerabilities page.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10960422
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/156548
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163832
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163826
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163878
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163849
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163829
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163990
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164479
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163984
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163989

More stories

IBM Security Bulletin: IBM Security Access Manager for Enterprise Single-Sign On is affected by an XML External Entity Injection (XXE) vulnerability (CVE-2019-4513)

Aug 22, 2019 9:01 am EDT | High Severity

IBM Security Access Manager for Enterprise Single-Sign On has addressed the following vulnerability: XML External Entity Injection (XXE) attack when processing XML data. CVE(s): CVE-2019-4513 Affected product(s) and affected version(s):IBM Security Access Manager for Enterprise Single-Sign On 8.2.2 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10996716X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164555 ...read more


IBM Security Bulletin: This Power System update is being released to address CVE-2019-4169

Aug 22, 2019 9:01 am EDT | High Severity

POWER9: In response to an IPMI implementation error, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2019-4169. CVE(s): CVE-2019-4169 Affected product(s) and affected version(s):P9 OpenPOWER releases OP910 and OP920 are affected. Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10881209X-Force ...read more


IBM Security Bulletin: A vulnerability in Open Source Libvirt affects IBM Netezza Host Management

Aug 21, 2019 9:01 am EDT | High Severity

Open Source Libvirt is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVE. CVE(s): CVE-2019-10161 Affected product(s) and affected version(s): IBM Netezza Host Management 5.4.17.0 – 5.4.24.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10964462X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/162805 ...read more