High Severity

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server January 2020 CPU

Share this post:

There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These might affect some configurations of IBM WebSphere Application Server Traditional, IBM WebSphere Application Server Liberty and IBM WebSphere Application Server Hypervisor Edition. These products have addressed the applicable CVEs. If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for “IBM Java SDK Security Bulletin” located in the References section for more information. HP fixes are on a delayed schedule.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
WebSphere Application Server 9.0
WebSphere Application Server 8.5
WebSphere Application Server Liberty Continuous delivery

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/1289194

More stories

Security Bulletin: WebSphere Liberty susceptible to HTTP2 implementation vulnerabilities

Mar 26, 2020 8:00 pm EDT | High Severity

WebSphere Liberty susceptible to HTTP2 implementation vulnerabilities ...read more


Security Bulletin: A Vulnerability in IBM Java Runtime Affects IBM Sterling Connect:Direct File Agent

Mar 26, 2020 8:00 pm EDT | High Severity

There is a vulnerability in IBM® Runtime Environment Java™ Version 7 and 8 used by IBM Sterling Connect:Direct File Agent. IBM Sterling Connect:Direct File Agent has addressed the applicable CVE. ...read more


Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM i

Mar 26, 2020 8:00 pm EDT | High Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by IBM i. IBM i has addressed the applicable CVEs. ...read more