High Severity

IBM Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition

Share this post:

Java SE issues disclosed in the Oracle July 2019 Critical Patch Update, plus four additional vulnerabilities

CVE(s): CVE-2019-7317, CVE-2019-2769, CVE-2019-2762, CVE-2019-2816, CVE-2019-2786, CVE-2019-2766, CVE-2019-11772, CVE-2019-11775, CVE-2019-4473, CVE-2019-11771

Affected product(s) and affected version(s):
IBM SDK, Java Technology Edition, Version 7 Service Refresh 10 Fix Pack 45 and earlier releases
IBM SDK, Java Technology Edition, Version 7R1 Service Refresh 4 Fix Pack 45 and earlier releases
IBM SDK, Java Technology Edition, Version 8 Service Refresh 5 Fix Pack 37 and earlier releases

For detailed information on which CVEs affect which releases, please refer to the IBM SDK, Java Technology Edition Security Vulnerabilities page.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10960422
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/156548
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163832
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163826
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163878
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163849
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163829
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163990
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164479
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163984
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163989

More stories

IBM Security Bulletin: Security Bulletin: IBM Event Streams is affected by jackson-databind vulnerabilities

Oct 22, 2019 9:01 am EDT | High Severity

IBM Event Streams has addressed the following vulnerabilities in the jackson-databind versions shipped. CVE(s): CVE-2019-12814, CVE-2019-14439, CVE-2019-14540, CVE-2019-16335 Affected product(s) and affected version(s): IBM Event Streams 2019.2.1 or earlier Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://supportcontent.ibm.com/support/pages/node/1079409X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/162875X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164744X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/167354X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/167205 ...read more


IBM Security Bulletin: Version 8.15.0 of Node.js included in IBM Cloud Event Management 2.3.0 has several security vulnerabilities.

Oct 21, 2019 9:02 am EDT | High Severity

Security Bulletin: Version 8.15.0 of Node.js included in IBM Cloud Event Management 2.3.0 has several security vulnerabilities). CVE(s): CVE-2019-9516, CVE-2019-9515, CVE-2019-9518, CVE-2019-9517, CVE-2019-9512, CVE-2019-9511, CVE-2019-9514, CVE-2019-9513 Affected product(s) and affected version(s): IBM Cloud Event Management on IBM Cloud Private Version 2.3.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www.ibm.com/support/pages/node/1078209X-Force ...read more


IBM Security Bulletin: IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise Edition is affected by HTTP Server vulnerabilities

Oct 21, 2019 9:01 am EDT | High Severity

IBM HTTP Server is shipped as a component of IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin. CVE(s): CVE-2019-0211, CVE-2019-0220 Affected product(s) and affected version(s): Principal Product and Version(s) Affected Supporting Product and Version IBM Cloud Orchestrator and IBM ...read more