Medium Severity

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server October 2019 CPU

Share this post:

There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These might affect some configurations of IBM WebSphere Application Server Traditional, IBM WebSphere Application Server Liberty and IBM WebSphere Application Server Hypervisor Edition. These products have addressed the applicable CVEs. If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for “IBM Java SDK Security Bulletin” located in the References section for more information. HP fixes are on a delayed schedule.

Affected product(s) and affected version(s):

IBM SDK, Java Technology Editions used with WebSphere Application Server Liberty
IBM SDK, Java Technology Editions used with IBM WebSphere Application Server Traditional Version 9.0.0.0 through 9.0.5.1, 8.5.0.0 through 8.5.5.16.
IBM SDK, Java Technology Editions shipped in Application Client for IBM WebSphere Application Server Version 9.0.0.0 through 9.0.5.1, 8.5.0.0 through 8.5.5.16.

 

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/1126887

More stories

Security Bulletin: Vulnerability in Apache Commons Compress affects IBM Spectrum Protect Plus (CVE-2019-12402).

Feb 22, 2020 7:00 pm EST | Medium Severity

A denial of service vulnerability in Apache Commons Compress affects IBM Spectrum Protect Plus. ...read more



Security Bulletin: Multiple vulnerabilities in Linux Kernel affect IBM Spectrum Protect Plus

Feb 22, 2020 7:00 pm EST | Medium Severity

There are multiple security vulnerabilities in the Linux Kernel that affect IBM Spectrum Protect Plus. ...read more