Low Severity

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server October 2020 CPU

Share this post:

There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These might affect some configurations of IBM WebSphere Application Server Traditional, IBM WebSphere Application Server Liberty and IBM WebSphere Application Server Hypervisor Edition. These products have addressed the applicable CVEs. If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for “IBM Java SDK Security Bulletin” located in the References section for more information. HP fixes are on a delayed schedule.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
WebSphere Application Server Liberty Continuous Delivery
WebSphere Application Server 9.0
WebSphere Application Server 8.5

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6379260

More stories

Security Bulletin: Vulnerabilities in IBM Java Runtime affecting Tivoli Netcool/OMNIbus (Multiple CVEs)

Apr 16, 2021 8:02 pm EDT | Low Severity

There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by Tivoli Netcool/OMNIbus. These were disclosed as part of the IBM Java SDK updates in October 2020 and January 2021. ...read more


Security Bulletin: Vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect Server, Operations Center, and Client Management Service (CVE-2020-14782, CVE-2020-27221)

Apr 16, 2021 8:01 pm EDT | Low Severity

Vulnerabilities in IBM® Runtime Environment Java™ affect IBM Spectrum Protect Server, IBM Spectrum Protect Operations Center, and IBM Spectrum Protect Client Management Server. These Java vulnerabilities were disclosed as part of the IBM Java SDK updates in October 2020 and January 2021. ...read more


Security Bulletin: Vulnerabilities in Java SE affect the IBM FlashSystem models 840 and 900

Apr 16, 2021 8:01 pm EDT | Low Severity

Multiple vulnerabilities in Java SE (CVE-2020-14579, CVE-2020-14578, and CVE-2020-14577) affect the IBM FlashSystem models 840 and 900. ...read more