Java SDK security vulnerabilities

General Page

This page lists recent Security Vulnerabilities addressed in the Developer Kits currently available from our downloads page.

You are in: Java SDK > Support >

IBM customers requiring these fixes in a binary IBM Java SDK/JRE for use with an IBM product should contact IBM Support and engage the appropriate product service team.

Security Bulletins can also be found on the IBM Support Portal.

IBM Security Update November 2023
Oracle October 17 2023 CPU (1.7.0_401, 1.8.0_391)
IBM Security Update August 2023
Oracle July 18 2023 CPU (1.7.0_391, 1.8.0_381)
IBM Security Update June 2023
Oracle April 18 2023 CPU (1.7.0_381, 1.8.0_371)
IBM Security Update April 2023
Oracle January 17 2023 CPU (1.7.0_371, 1.8.0_361)
IBM Security Update November 2022
Oracle October 18 2022 CPU (1.7.0_361, 1.8.0_351)
Oracle July 19 2022 CPU (1.7.0_351, 1.8.0_341)
IBM Security Update May 2022
Oracle April 19 2022 CPU (1.7.0_341, 1.8.0_331)
Oracle January 18 2022 CPU (1.7.0_331, 1.8.0_321)
IBM Security Update November 2021
Oracle October 19 2021 CPU (1.7.0_321, 1.8.0_311)
Oracle July 20 2021 CPU (1.7.0_311, 1.8.0_301, 11.0.12)
IBM Security Update June 2021
Oracle April 20 2021 CPU (1.7.0_301, 1.8.0_291, 11.0.11)
IBM Security Update February 2021
Oracle January 19 2021 CPU (1.7.0_291, 1.8.0_281, 11.0.10.0)
Oracle October 20 2020 CPU (1.7.0_281, 1.8.0_271)
IBM Security Update August 2020
Oracle July 14 2020 CPU (1.7.0_271, 1.8.0_261)
Oracle April 14 2020 CPU (1.7.0_261, 1.8.0_251)
IBM Security Update January 2020
Oracle January 14 2020 CPU (1.7.0_251, 1.8.0_241)
IBM Security Update November 2019
Oracle October 15 2019 CPU (1.7.0_241, 1.8.0_231)
IBM Security Update July 2019
Oracle July 16 2019 CPU (1.7.0_231, 1.8.0_221)
IBM Security Update April 2019
Oracle April 16 2019 CPU (170_221, 180_211)
IBM Security Update March 2019
Oracle January 15 2019 CPU (1.7.0_211, 1.8.0_201)
Oracle October 16 2018 CPU (1.6.0_211, 1.7.0_201, 1.8.0_191)
IBM Security Update August 2018
Oracle July 17 2018 CPU (1.6.0_201, 1.7.0_191, 1.8.0_181)
Oracle April 17 2018 CPU (1.6.0_191, 1.7.0_181, 1.8.0_171)
IBM Security Update February 2018
Oracle January 16 2018 CPU (1.6.0_181, 1.7.0_171, 1.8.0_161)
Oracle October 17 2017 CPU (1.6.0_171, 1.7.0_161, 1.8.0_151)
IBM Security Update August 2017
Oracle July 18 2017 CPU (1.6.0_161, 1.7.0_151, 1.8.0_141)
IBM Security Update May 2017
Oracle April 18 2017 CPU (1.6.0_151, 1.7.0_141, 1.8.0_131)
Oracle January 17 2017 CPU (1.6.0_141, 1.7.0_131, 1.8.0_121)
Oracle October 18 2016 CPU (1.6.0_131, 1.7.0_121, 1.8.0_111)
Oracle July 19 2016 CPU (6u121, 7u111, 8u101)
IBM Security Update April 2016
Oracle April 19 2016 CPU (6u115, 7u101, 8u91)
Oracle Security Alert for CVE-2016-0636 (7u99, 8u77)
Oracle Security Alert for CVE-2016-0603 (6u113, 7u97, 8u73)
IBM Security Update January 2016
Oracle January 19 2016 CPU (6u111, 7u95, 8u71)

IBM Security Update November 2023

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2023-5676	4.1	7.1.5.20	8.0.8.15

Further information on the November 2023 IBM Security Update is available here.

Oracle October 17 2023 CPU (1.7.0_401, 1.8.0_391)

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2023-22081	5.3	N/A	8.0.8.15
CVE-2023-22067	5.3	7.1.5.20	8.0.8.15
CVE-2023-22025	3.7	N/A	N/A	Not applicable to IBM JRE/SDK

Further information on Oracle's October 17 2023 Critical Patch Update is available here.

IBM Security Update August 2023

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2022-40609	8.1	7.1.5.19	8.0.8.5

Further information on the August 2023 IBM Security Update is available here.

Oracle July 18 2023 CPU (1.7.0_391, 1.8.0_381)

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2023-22041	5.1	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2023-22049	3.7	7.1.5.19	8.0.8.10
CVE-2023-22045	3.7	N/A	8.0.8.10	Applicable on Solaris, HP-UX and Mac OS only
CVE-2023-22044	3.7	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2023-22036	3.7	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2023-25193	3.7	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2023-22006	3.1	N/A	N/A	Not applicable to IBM JRE/SDK

Further information on Oracle's July 18 2023 Critical Patch Update is available here.

IBM Security Update June 2023

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2023-2597	7	7.1.5.18	8.0.8.5	Not applicable on Solaris, HP-UX, and Mac OS

Further information on the June 2023 IBM Security Update is available here.

Oracle April 18 2023 CPU (1.7.0_381, 1.8.0_371)

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2023-21930	7.4	N/A	8.0.8.5
CVE-2023-21967	5.9	N/A	8.0.8.5
CVE-2023-21954	5.9	N/A	8.0.8.5	Applicable on Solaris, HP-UX and Mac OS only
CVE-2023-21939	5.3	7.1.5.18	8.0.8.5
CVE-2023-21968	3.7	7.1.5.18	8.0.8.5
CVE-2023-21937	3.7	7.1.5.18	8.0.8.5
CVE-2023-21938	3.7	7.1.5.18	8.0.8.5

Further information on Oracle's April 18 2023 Critical Patch Update is available here.

IBM Security Update April 2023

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2023-30441	7.5	N/A	8.0.7.15

Further information on the April 2023 IBM Security Update is available here.

Oracle January 17 2023 CPU (1.7.0_371, 1.8.0_361)

CVE	CVSS	IBM 7 Fix	IBM 8 Fix
CVE-2023-21835	5.3	N/A	N/A
CVE-2023-21830	5.3	7.1.5.17	8.0.8.0
CVE-2023-21843	3.7	7.1.5.17	8.0.8.0

Further information on Oracle's January 17 2022 Critical Patch Update is available here.

IBM Security Update November 2022

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2022-3676	6.5	7.0.11.15 7.1.5.15	8.0.7.20	Not applicable on Solaris, HP-UX, and Mac OS

Further information on the November 2022 IBM Security Update is available here.

Oracle October 18 2022 CPU (1.7.0_361, 1.8.0_351)

CVE	CVSS	IBM 7 Fix	IBM 8 Fix
CVE-2022-21628	5.3	7.1.5.16	8.0.7.20
CVE-2022-21626	5.3	7.1.5.16	8.0.7.20
CVE-2022-21618	5.3	N/A	N/A
CVE-2022-39399	3.7	N/A	N/A
CVE-2022-21624	3.7	7.1.5.16	8.0.7.20
CVE-2022-21619	3.7	7.1.5.16	8.0.7.20

Further information on Oracle's October 18 2022 Critical Patch Update is available here.

Oracle July 19 2022 CPU (1.7.0_351, 1.8.0_341)

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2022-34169	7.5	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2022-21541	5.9	7.0.11.15	8.0.7.15	Applicable on Solaris, HP-UX and Mac OS only
CVE-2022-21549	5.3	N/A	N/A
CVE-2022-21540	5.3	7.0.11.15	8.0.7.15	Applicable on Solaris, HP-UX and Mac OS only

Further information on Oracle's July 19 2022 Critical Patch Update is available here.

IBM Security Update May 2022

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2021-41041	5.3	N/A	8.0.7.10	Not applicable on Solaris, HP-UX, and Mac OS

Further information on the May 2022 IBM Security Update is available here.

Oracle April 19 2022 CPU (1.7.0_341, 1.8.0_331)

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2022-21476	7.5	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2022-21449	7.5	N/A	N/A
CVE-2022-21496	5.3	7.0.11.10 7.1.5.10	8.0.7.10
CVE-2022-21434	5.3	7.0.11.10 7.1.5.10	8.0.7.10
CVE-2022-21426	5.3	7.1.5.17	8.0.8.0
CVE-2022-21443	3.7	7.0.11.10 7.1.5.10	8.0.7.10

Further information on Oracle's April 19 2022 Critical Patch Update is available here.

Oracle January 18 2022 CPU (1.7.0_331, 1.8.0_321)

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2022-21366	5.3	N/A	N/A	Not applicable to IBM Java
CVE-2022-21365	5.3	7.0.11.5 7.1.5.5	8.0.7.5
CVE-2022-21360	5.3	7.0.11.5 7.1.5.5	8.0.7.5
CVE-2022-21349	5.3	7.0.11.5	8.0.7.5	Applicable on Solaris only
CVE-2022-21341	5.3	7.0.11.5 7.1.5.5	8.0.7.5
CVE-2022-21340	5.3	7.0.11.5 7.1.5.5	8.0.7.5
CVE-2022-21305	5.3	7.0.11.5	8.0.7.5	Applicable on Solaris, HP-UX and Mac OS only
CVE-2022-21277	5.3	N/A	N/A
CVE-2022-21299	5.3	7.0.11.10 7.1.5.10	8.0.7.6
CVE-2022-21296	5.3	N/A	N/A	Not applicable to IBM Java
CVE-2022-21282	5.3	N/A	N/A	Not applicable to IBM Java
CVE-2022-21294	5.3	7.0.11.5 7.1.5.5	8.0.7.5
CVE-2022-21293	5.3	7.0.11.5 7.1.5.5	8.0.7.5
CVE-2022-21291	5.3	7.0.11.5	8.0.7.5	Applicable on Solaris, HP-UX and Mac OS only
CVE-2022-21283	5.3	N/A	N/A	Not applicable to IBM Java
CVE-2022-21271	5.3	N/A	N/A	Not applicable to IBM Java
CVE-2022-21248	3.7	7.0.11.5 7.1.5.5	8.0.7.5

Further information on Oracle's January 18 2022 Critical Patch Update is available here.

IBM Security Update November 2021

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2021-41035	5.3	7.0.11.0 7.1.5.0	8.0.7.0	Not applicable on Solaris, HP-UX, and Mac OS

Further information on the November 2021 IBM Security Update is available here.

Oracle October 19 2021 CPU (1.7.0_321, 1.8.0_311)

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2021-35560	7.5	N/A	8.0.7.0
CVE-2021-35567	6.8	N/A	N/A
CVE-2021-35550	5.9	7.0.11.5 7.1.5.5	8.0.7.5
CVE-2021-35586	5.3	7.0.11.0 7.1.5.0	8.0.7.0
CVE-2021-35578	5.3	N/A	8.0.7.0
CVE-2021-35564	5.3	7.0.11.0 7.1.5.0	8.0.7.0
CVE-2021-35561	5.3	7.0.11.10 7.1.5.10	8.0.7.10
CVE-2021-35559	5.3	7.0.11.0 7.1.5.0	8.0.7.0
CVE-2021-35556	5.3	7.0.11.0 7.1.5.0	8.0.7.0
CVE-2021-35565	5.3	7.0.11.0 7.1.5.0	8.0.7.0
CVE-2021-35603	3.7	7.0.11.5 7.1.5.5	8.0.7.5
CVE-2021-35588	3.1	7.0.11.0 7.1.5.0	8.0.7.0	Applicable on Solaris, HP-UX, and Mac OS only

Further information on Oracle's October 19 2021 Critical Patch Update is available here.

Oracle July 20 2021 CPU (1.7.0_311, 1.8.0_301, 11.0.12)

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	IBM 11 Fix	Notes
CVE-2021-2388	7.5	7.0.10.90	N/A	N/A	Applicable on Solaris, HP-UX and Mac OS only
CVE-2021-2369	4.3	7.0.10.90 7.1.4.90	8.0.6.35	IBM Semeru 11.0.12 *
CVE-2021-2432	3.7	7.0.10.90 7.1.4.90	N/A	N/A
CVE-2021-2341	3.1	7.0.11.0 7.1.5.0	8.0.6.35	IBM Semeru 11.0.12 *

Further information on Oracle's July 20 2021 Critical Patch Update is available here.

* Note: IBM SDK, Java Technology Edition version 11 is now IBM Semeru Runtime Certified Edition version 11. Future vulnerability fixes for IBM Semeru Certified Edition version 11 will be described on the IBM Semeru Security Vulnerabilities page.

IBM Security Update June 2021

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2021-28167	6.5	N/A	8.0.6.31	Not applicable on Solaris, HP-UX, and Mac OS

Further information on the June 2021 IBM Security Update is available here.

Oracle April 20 2021 CPU (1.7.0_301, 1.8.0_291, 11.0.11)

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	IBM 11 Fix	Notes
CVE-2021-2161	5.9	7.0.10.85 7.1.4.85	8.0.6.30	11.0.11.0	Applicable on Windows only
CVE-2021-2163	5.3	7.0.11.15 7.1.5.15	8.0.7.15	11.0.11.0

Further information on Oracle's April 20 2021 Critical Patch Update is available here.

IBM Security Update February 2021

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	IBM 11 Fix	Notes
CVE-2020-27221	9.8	7.1.4.80	8.0.6.25	11.0.10.0	Applicable on AIX, Linux and z/OS only

Further information on the February 2021 IBM Security Update is available here.

Oracle January 19 2021 CPU (1.7.0_291, 1.8.0_281, 11.0.10.0)

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	IBM 11 Fix	Notes
CVE-2020-14803	5.3	7.0.10.80 7.1.4.80	8.0.6.25	N/A

Further information on Oracle's January 19 2021 Critical Patch Update is available here.

Oracle October 20 2020 CPU (1.7.0_271, 1.8.0_261)

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2020-14803	5.3	7.0.10.80 7.1.4.80	8.0.6.25	Originally marked as N/A for 7 and 8. Updated with January 2021 CPU.
CVE-2020-14792	4.2	7.0.10.75 7.1.4.75	8.0.6.20	Applicable on Solaris, HP-UX and Mac OS only
CVE-2020-14797	3.7	7.0.10.75 7.1.4.75	8.0.6.20
CVE-2020-14782	3.7	7.0.10.75 7.1.4.75	8.0.6.25
CVE-2020-14781	3.7	7.0.10.75 7.1.4.75	8.0.6.25
CVE-2020-14779	3.7	7.0.10.75 7.1.4.75	8.0.6.20
CVE-2020-14798	3.1	7.0.10.75 7.1.4.75	8.0.6.20	Applicable on Windows only
CVE-2020-14796	3.1	7.0.10.75 7.1.4.75	8.0.6.20

Further information on Oracle's October 20 2020 Critical Patch Update is available here.

IBM Security Update August 2020

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2019-17639	5.3	7.0.10.70 7.1.4.70	8.0.6.15	Applicable on AIX and Linux on Power only

Further information on the August 2020 IBM Security Update is available here.

Oracle July 14 2020 CPU (1.7.0_271, 1.8.0_261)

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2020-14583	8.3	7.0.10.70 7.1.4.70	8.0.6.15
CVE-2020-14593	6.1	7.0.10.70 7.1.4.70	8.0.6.15
CVE-2020-14621	5.3	7.0.10.70 7.1.4.70	8.0.6.15
CVE-2020-14556	4.8	N/A	8.0.6.15
CVE-2020-14581	3.7	N/A	8.0.6.15	Applicable on Mac OS only
CVE-2020-14579	3.7	7.0.10.70 7.1.4.70	8.0.6.15
CVE-2020-14578	3.7	7.0.10.70 7.1.4.70	8.0.6.15
CVE-2020-14577	3.7	7.0.10.70 7.1.4.70	8.0.6.15
CVE-2020-14573	3.7	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2020-14562	3.7	N/A	N/A	Not applicable to IBM JRE/SDK

Further information on Oracle’s July 14 2020 Critical Patch Update is available here.

Oracle April 14 2020 CPU (1.7.0_261, 1.8.0_251)

N/A

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2020-2805	8.3	7.0.10.65 7.1.4.65	8.0.6.10
CVE-2020-2803	8.3	7.0.10.65 7.1.4.65	8.0.6.10
CVE-2020-2816	7.5	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2020-2830	5.3	7.0.10.65 7.1.4.65	8.0.6.10
CVE-2020-2781	5.3	7.0.10.65 7.1.4.65	8.0.6.10
CVE-2020-2800	4.8	7.0.10.65 7.1.4.65	8.0.6.10
CVE-2020-2767	4.8	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2020-2778	3.7	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2020-2773	3.7	N/A	8.0.6.25
CVE-2020-2757	3.7	7.0.10.65 7.1.4.65	8.0.6.10
CVE-2020-2756	3.7	7.0.10.65 7.1.4.65	8.0.6.10
CVE-2020-2755	3.7	N/A	8.0.6.10
CVE-2020-2754	3.7	N/A	8.0.6.10

Further information on Oracle’s April 14 2020 Critical Patch Update is available here.

IBM Security Update January 2020

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2019-4732	7.2	N/A	8.0.6.5

Further information on the January 2020 IBM Security Update is available here.

Oracle January 14 2020 CPU (1.7.0_251, 1.8.0_241)

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2020-2604	8.1	7.0.10.60 7.1.4.60	8.0.6.5
CVE-2020-2601	6.8	7.0.10.70 7.1.4.70	8.0.6.15
CVE-2020-2655	4.8	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2020-2593	4.8	7.0.10.60 7.1.4.60	8.0.6.5
CVE-2020-2654	3.7	7.0.10.65 7.1.4.65	8.0.6.6	Security Bulletin
CVE-2020-2659	3.7	7.0.10.60 7.1.4.60	8.0.6.5
CVE-2020-2590	3.7	7.0.10.70 7.1.4.70	8.0.6.15
CVE-2020-2583	3.7	7.0.10.60 7.1.4.60	8.0.6.5

Further information on Oracle’s January 14 2020 Critical Patch Update is available here.

IBM Security Update November 2019

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2019-17631	8.4	N/A	8.0.6.0

Further information on the November 2019 IBM Security Update is available here.

Oracle October 15 2019 CPU (1.7.0_241, 1.8.0_231)

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2019-2989	6.8	7.0.10.55 7.1.4.55	8.0.6.0
CVE-2019-2949	6.8	N/A	8.0.6.10	Security Bulletin
CVE-2019-2958	5.9	7.0.10.55 7.1.4.55	8.0.6.0
CVE-2019-2977	4.8	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2019-2975	4.8	N/A	8.0.6.0
CVE-2019-2999	4.7	7.0.10.55 7.1.4.55	8.0.6.0
CVE-2019-2996	4.2	N/A	8.0.6.0
CVE-2019-2894	3.7	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2019-2992	3.7	7.0.10.55 7.1.4.55	8.0.6.0
CVE-2019-2988	3.7	7.0.10.55 7.1.4.55	8.0.6.0
CVE-2019-2987	3.7	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2019-2983	3.7	7.0.10.55 7.1.4.55	8.0.6.0
CVE-2019-2981	3.7	7.0.10.55 7.1.4.55	8.0.6.0
CVE-2019-2978	3.7	7.0.10.55 7.1.4.55	8.0.6.0
CVE-2019-2973	3.7	7.0.10.55 7.1.4.55	8.0.6.0
CVE-2019-2962	3.7	7.0.10.55 7.1.4.55	8.0.6.0
CVE-2019-2964	3.7	7.0.10.55 7.1.4.55	8.0.6.0
CVE-2019-2945	3.1	7.0.10.55 7.1.4.55	8.0.6.0
CVE-2019-2933	3.1	7.0.10.55 7.1.4.55	8.0.6.0

Further information on Oracle’s October 15 2019 Critical Patch Update is available here.

IBM Security Update July 2019

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2019-11772	8.4	N/A	8.0.5.40
CVE-2019-11775	8.4	7.0.10.50 7.1.4.50	8.0.5.40
CVE-2019-4473	8.4	7.0.10.50 7.1.4.50	8.0.5.40	Specific to IBM JRE/SDK on AIX
CVE-2019-11771	8.4	7.0.10.50 7.1.4.50	8.0.5.40	Specific to IBM JRE/SDK on AIX

Further information on the July 2019 IBM Security Update is available here.

Oracle July 16 2019 CPU (1.7.0_231, 1.8.0_221)

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2019-7317	6.8	7.0.10.50 7.1.4.50	8.0.5.40
CVE-2019-2821	5.3	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2019-2769	5.3	7.0.10.50 7.1.4.50	8.0.5.40
CVE-2019-2762	5.3	7.0.10.50 7.1.4.50	8.0.5.40
CVE-2019-2745	5.1	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2019-2816	4.8	7.0.10.50 7.1.4.50	8.0.5.40
CVE-2019-2842	3.7	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2019-2786	3.4	N/A	8.0.5.40
CVE-2019-2818	3.1	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2019-2766	3.1	7.0.10.50 7.1.4.50	8.0.5.40

Further information on Oracle’s July 16 2019 Critical Patch Update is available here.

IBM Security Update April 2019

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2019-10245	7.5	7.0.10.45 7.1.4.45	8.0.5.35

Further information on the April 2019 IBM Security Update is available here.

Oracle April 16 2019 CPU (170_221, 180_211)

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2019-2699	9	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2019-2698	8.1	7.0.10.45 7.1.4.45	8.0.5.35
CVE-2019-2697	8.1	7.0.10.45 7.1.4.45	8.0.5.35
CVE-2019-2602	7.5	7.0.10.45 7.1.4.45	8.0.5.35
CVE-2019-2684	5.9	7.0.10.45 7.1.4.45	8.0.5.35

Further information on Oracle’s April 16 2019 Critical Patch Update is available here.

IBM Security Update March 2019

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2018-1890	5.6	N/A	8.0.5.30	Specific to IBM JRE/SDK on AIX
CVE-2018-12547	9.8	7.0.10.40 7.1.4.40	8.0.5.30	Not applicable to IBM JRE/SDK on Solaris, HP-UX and Mac OS.
CVE-2018-12549	9.8	N/A	8.0.5.30	Applicable from 8.0.5.0 to 8.0.5.27 inclusive. Not applicable to IBM JRE/SDK on Solaris, HP-UX and Mac OS.

Further information on the March 2019 IBM Security Update is available here.

Oracle January 15 2019 CPU (1.7.0_211, 1.8.0_201)

CVE	CVSS	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2019-2540	6.1	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2018-11212	5.3	7.0.10.40 7.1.4.40	8.0.5.30
CVE-2019-2426	3.7	7.0.10.40 7.1.4.40	8.0.5.30
CVE-2019-2449	3.1	N/A	8.0.5.30
CVE-2019-2422	3.1	7.0.10.40 7.1.4.40	8.0.5.30

Further information on Oracle’s January 15 2019 Critical Patch Update is available here.

Oracle October 16 2018 CPU (1.6.0_211, 1.7.0_201, 1.8.0_191)

CVE	CVSS	IBM 6 Fix	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2018-3183	9	N/A	N/A	8.0.5.25
CVE-2018-3209	8.3	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2018-3169	8.3	N/A	7.0.10.35 7.1.4.35	8.0.5.25
CVE-2018-3149	8.3	6.0.16.75 6.1.8.75	7.0.10.35 7.1.4.35	8.0.5.25
CVE-2018-3211	6.6	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2018-3180	5.6	6.0.16.75 6.1.8.75	7.0.10.35 7.1.4.35	8.0.5.25
CVE-2018-3214	5.3	6.0.16.75 6.1.8.75	7.0.10.35 7.1.4.35	8.0.5.25
CVE-2018-3157	4.3	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2018-13785	3.7	6.0.16.75 6.1.8.75	7.0.10.35 7.1.4.35	8.0.5.25
CVE-2018-3136	3.4	6.0.16.75 6.1.8.75	7.0.10.35 7.1.4.35	8.0.5.25
CVE-2018-3150	3.1	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2018-3139	3.1	6.0.16.75 6.1.8.75	7.0.10.35 7.1.4.35	8.0.5.25

Further information on Oracle’s October 16 2018 Critical Patch Update is available here.

IBM Security Update August 2018

CVE	CVSS	IBM 6 Fix	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2018-12539	8.4	6.0.16.70 6.1.8.70	7.0.10.30 7.1.4.30	8.0.5.20
CVE-2018-1656	7.4	6.0.16.70 6.1.8.70	7.0.10.30 7.1.4.30	8.0.5.20
CVE-2018-1517	5.9	6.0.16.70 6.1.8.70	7.0.10.30 7.1.4.30	8.0.5.20
CVE-2017-3736	5.9	N/A	N/A	8.0.5.20	Applicable only when using IBMJCEPlus
CVE-2017-3732	5.3	N/A	N/A	8.0.5.20	Applicable only when using IBMJCEPlus
CVE-2016-0705	3.7	N/A	N/A	8.0.5.20	Applicable only when using IBMJCEPlus

Further information on the August 2018 IBM Security Update is available here.

Oracle July 17 2018 CPU (1.6.0_201, 1.7.0_191, 1.8.0_181)

CVE	CVSS	IBM 6 Fix	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2018-2938	9	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2018-2964	8.3	N/A	N/A	8.0.5.20	Applicable on Windows Only
CVE-2018-2941	8.3	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2018-2942	8.3	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2018-2973	5.9	6.0.16.70 6.1.8.70	7.0.10.30 7.1.4.30	8.0.5.20
CVE-2018-2972	5.9	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2018-2940	4.3	6.0.16.70 6.1.8.70	7.0.10.30 7.1.4.30	8.0.5.20
CVE-2018-2952	3.7	6.0.16.70 6.1.8.70	7.0.10.30 7.1.4.30	8.0.5.20

Further information on Oracle’s July 17 2018 Critical Patch Update is available here.

Oracle April 17 2018 CPU (1.6.0_191, 1.7.0_181, 1.8.0_171)

CVE	CVSS	IBM 6 Fix	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2018-2826	8.3	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2018-2825	8.3	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2018-2814	8.3	6.0.16.65 6.1.8.65	7.0.10.25 7.1.4.25	8.0.5.15	Applicable on Solaris, HP-UX and Mac OS only
CVE-2018-2794	7.7	6.0.16.65 6.1.8.65	7.0.10.25 7.1.4.25	8.0.5.15
CVE-2018-2783	7.4	6.0.16.65 6.1.8.65	7.0.10.25 7.1.4.25	8.0.5.15
CVE-2018-2815	5.3	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2018-2799	5.3	N/A	7.0.10.25 7.1.4.25	8.0.5.15
CVE-2018-2798	5.3	6.0.16.65 6.1.8.65	7.0.10.25 7.1.4.25	8.0.5.15
CVE-2018-2797	5.3	6.0.16.65 6.1.8.65	7.0.10.25 7.1.4.25	8.0.5.15
CVE-2018-2796	5.3	N/A	7.0.10.25 7.1.4.25	8.0.5.15
CVE-2018-2795	5.3	6.0.16.65 6.1.8.65	7.0.10.25 7.1.4.25	8.0.5.15
CVE-2018-2800	4.2	6.0.16.65 6.1.8.65	7.0.10.25 7.1.4.25	8.0.5.15
CVE-2018-2790	3.1	6.0.16.65 6.1.8.65	7.0.10.25 7.1.4.25	8.0.5.15

Further information on Oracle’s April 17 2018 Critical Patch Update is available here.

IBM Security Update February 2018

CVE	CVSS	IBM 6 Fix	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2018-1417	8.1	N/A	7.1.4.20	8.0.5.10

Further information on the February 2018 IBM Security Update is available here.

Oracle January 16 2018 CPU (1.6.0_181, 1.7.0_171, 1.8.0_161)

CVE	CVSS	IBM 6 Fix	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2018-2639	8.3	N/A	N/A	8.0.5.10
CVE-2018-2638	8.3	N/A	N/A	8.0.5.10
CVE-2018-2633	8.3	6.0.16.60 6.1.8.60	7.0.10.20 7.1.4.20	8.0.5.10
CVE-2018-2637	7.4	6.0.16.60 6.1.8.60	7.0.10.20 7.1.4.20	8.0.5.10
CVE-2018-2634	6.8	N/A	7.0.10.20 7.1.4.20	8.0.5.10
CVE-2018-2582	6.5	6.0.16.60 6.1.8.60	7.0.10.20 7.1.4.20	8.0.5.10
CVE-2018-2641	6.1	6.0.16.60 6.1.8.60	7.0.10.20 7.1.4.20	8.0.5.10
CVE-2018-2618	5.9	6.0.16.60 6.1.8.60	7.0.10.20 7.1.4.20	8.0.5.10
CVE-2018-2657	5.3	6.0.16.60 6.1.8.60	7.0.10.20 7.1.4.20	N/A
CVE-2018-2629	5.3	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2018-2603	5.3	6.0.16.60 6.1.8.60	7.0.10.20 7.1.4.20	8.0.5.10
CVE-2018-2599	4.8	6.0.16.60 6.1.8.60	7.0.10.20 7.1.4.20	8.0.5.10
CVE-2018-2602	4.5	N/A	7.0.10.20 7.1.4.20	8.0.5.10
CVE-2018-2678	4.3	6.0.16.60 6.1.8.60	7.0.10.20 7.1.4.20	8.0.5.10
CVE-2018-2677	4.3	6.0.16.60 6.1.8.60	7.0.10.20 7.1.4.20	8.0.5.10
CVE-2018-2663	4.3	6.0.16.60 6.1.8.60	7.0.10.20 7.1.4.20	8.0.5.10
CVE-2018-2588	4.3	6.0.16.60 6.1.8.60	7.0.10.20 7.1.4.20	8.0.5.10
CVE-2018-2579	3.7	6.0.16.60 6.1.8.60	7.0.10.20 7.1.4.20	8.0.5.10

Further information on Oracle’s January 16 2018 Critical Patch Update is available here.

Oracle October 17 2017 CPU (1.6.0_171, 1.7.0_161, 1.8.0_151)

CVE	CVSS	IBM 6 Fix	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2017-10346	9.6	6.0.16.55 6.1.8.55	7.0.10.15 7.1.4.15	8.0.5.5
CVE-2017-10285	9.6	6.0.16.55 6.1.8.55	7.0.10.15 7.1.4.15	8.0.5.5
CVE-2017-10388	7.5	6.0.16.55 6.1.8.55	7.0.10.15 7.1.4.15	8.0.5.5
CVE-2017-10309	7.1	N/A	N/A	8.0.5.5
CVE-2017-10274	6.8	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2017-10356	6.2	6.0.16.55 6.1.8.55	7.0.10.15 7.1.4.15	8.0.5.5
CVE-2017-10293	6.1	See note	See note	See note	Refer to the “Conformance” section here
CVE-2016-9841	5.3	6.0.16.55 6.1.8.55	7.0.15.5 7.1.5.5	8.0.5.5	Applicable on Solaris, HP-UX and Mac OS only. All other platforms were fixed in an earlier release.
CVE-2016-10165	5.3	N/A	7.0.10.15 7.1.4.15	8.0.5.5
CVE-2017-10355	5.3	6.0.16.55 6.1.8.55	7.0.10.15 7.1.4.15	8.0.5.5
CVE-2017-10357	5.3	6.0.16.55 6.1.8.55	7.0.10.15 7.1.4.15	8.0.5.5
CVE-2017-10348	5.3	6.0.16.55 6.1.8.55	7.0.10.15 7.1.4.15	8.0.5.5
CVE-2017-10349	5.3	6.0.16.55 6.1.8.55	7.0.10.15 7.1.4.15	8.0.5.5
CVE-2017-10347	5.3	6.0.16.55 6.1.8.55	7.0.10.15 7.1.4.15	8.0.5.5
CVE-2017-10350	5.3	6.0.16.55 6.1.8.55	7.0.10.15 7.1.4.15	8.0.5.5
CVE-2017-10281	5.3	6.0.16.55 6.1.8.55	7.0.10.15 7.1.4.15	8.0.5.5
CVE-2017-10295	4	6.0.16.55 6.1.8.55	7.0.10.15 7.1.4.15	8.0.5.5
CVE-2017-10345	3.1	6.0.16.55 6.1.8.55	7.0.10.15 7.1.4.15	8.0.5.5

Further information on Oracle’s October 17 2017 Critical Patch Update is available here.

IBM Security Update August 2017

CVE	CVSS	IBM 6 Fix	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2017-1376	9.8	6.1.8.50	7.0.10.10 7.1.4.10	8.0.4.7

Further information on the August 2017 IBM Security Update is available here.

Oracle July 18 2017 CPU (1.6.0_161, 1.7.0_151, 1.8.0_141)

CVE	CVSS	IBM 6 Fix	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2017-10111	9.6	6.0.16.50 6.1.8.50	7.0.10.10 7.1.4.10	8.0.4.10	Applicable on Solaris, HP-UX and Mac OS only
CVE-2017-10110	9.6	6.0.16.50 6.1.8.50	7.0.10.10 7.1.4.10	8.0.4.10
CVE-2017-10107	9.6	6.0.16.50 6.1.8.50	7.0.10.10 7.1.4.10	8.0.4.10
CVE-2017-10101	9.6	6.0.16.50 6.1.8.50	7.0.10.10 7.1.4.10	8.0.4.10
CVE-2017-10096	9.6	6.0.16.50 6.1.8.50	7.0.10.10 7.1.4.10	8.0.4.10
CVE-2017-10090	9.6	N/A	7.0.10.10 7.1.4.10	8.0.4.10
CVE-2017-10089	9.6	6.0.16.50 6.1.8.50	7.0.10.10 7.1.4.10	8.0.4.10
CVE-2017-10087	9.6	6.0.16.50 6.1.8.50	7.0.10.10 7.1.4.10	8.0.4.10
CVE-2017-10102	9	6.0.16.50 6.1.8.50	7.0.10.10 7.1.4.10	8.0.4.10
CVE-2017-10116	8.3	N/A	7.0.10.10 7.1.4.10	8.0.4.10
CVE-2017-10074	8.3	6.0.16.50 6.1.8.50	7.0.10.10 7.1.4.10	8.0.4.10	Applicable on Solaris, HP-UX and Mac OS only
CVE-2017-10078	8.1	N/A	N/A	8.0.4.10
CVE-2017-10176	7.5	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2017-10118	7.5	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2017-10115	7.5	6.0.16.50 6.1.8.50	7.0.10.10 7.1.4.10	8.0.4.10
CVE-2017-10067	7.5	6.0.16.50 6.1.8.50	7.0.10.10 7.1.4.10	8.0.4.10
CVE-2017-10125	7.1	6.0.16.50 6.1.8.50	7.0.10.10 7.1.4.10	8.0.4.10
CVE-2017-10198	6.8	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2017-10243	6.5	6.0.16.50 6.1.8.50	7.0.10.10 7.1.4.10	8.0.4.10
CVE-2017-10135	5.9	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2017-10109	5.3	6.0.16.50 6.1.8.50	7.0.10.10 7.1.4.10	8.0.4.10
CVE-2017-10108	5.3	6.0.16.50 6.1.8.50	7.0.10.10 7.1.4.10	8.0.4.10
CVE-2017-10053	5.3	6.0.16.50 6.1.8.50	7.0.10.10 7.1.4.10	8.0.4.10
CVE-2017-10105	4.3	6.0.16.50 6.1.8.50	7.0.10.10 7.1.4.10	8.0.4.10
CVE-2017-10081	4.3	6.0.16.50 6.1.8.50	7.0.10.10 7.1.4.10	8.0.4.10	Applicable on Solaris, HP-UX and Mac OS only
CVE-2017-10193	3.1	N/A	N/A	N/A	Not applicable to IBM JRE/SDK

Further information on Oracle’s July 18 2017 Critical Patch Update is available here.

IBM Security Update May 2017

CVE	CVSS	IBM 6 Fix	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2017-1289	8.2	N/A	N/A	8.0.4.5
CVE-2016-9840	3.3	6.0.16.45 6.1.8.45	7.0.10.5 7.1.4.5	8.0.4.5	Solaris, HP-UX and Mac OS platforms are fixed in a later release
CVE-2016-9841	3.3	6.0.16.45 6.1.8.45	7.0.10.5 7.1.4.5	8.0.4.5	Solaris, HP-UX and Mac OS platforms are fixed in a later release
CVE-2016-9842	3.3	6.0.16.45 6.1.8.45	7.0.10.5 7.1.4.5	8.0.4.5	Solaris, HP-UX and Mac OS platforms are fixed in a later release
CVE-2016-9843	3.3	6.0.16.45 6.1.8.45	7.0.10.5 7.1.4.5	8.0.4.5	Solaris, HP-UX and Mac OS platforms are fixed in a later release

Further information on the May 2017 IBM Security Update is available here.

Oracle April 18 2017 CPU (1.6.0_151, 1.7.0_141, 1.8.0_131)

CVE	CVSS	IBM 6 Fix	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2017-3514	8.3	6.0.16.45 6.1.8.45	7.0.10.5 7.1.4.5	8.0.4.5
CVE-2017-3512	8.3	N/A	7.0.10.5 7.1.4.5	8.0.4.5
CVE-2017-3511	7.7	N/A	7.0.10.5 7.1.4.5	8.0.4.5
CVE-2017-3526	5.9	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2017-3509	4.2	6.0.16.45 6.1.8.45	7.0.10.5 7.1.4.5	8.0.4.5
CVE-2017-3544	3.7	6.0.16.45 6.1.8.45	7.0.10.5 7.1.4.5	8.0.4.5
CVE-2017-3533	3.7	6.0.16.45 6.1.8.45	7.0.10.5 7.1.4.5	8.0.4.5
CVE-2017-3539	3.1	6.0.16.45 6.1.8.45	7.0.10.5 7.1.4.5	8.0.4.5

Further information on Oracle’s April 18 2017 Critical Patch Update is available here.

Oracle January 17 2017 CPU (1.6.0_141, 1.7.0_131, 1.8.0_121)

CVE	CVSS	IBM 6 Fix	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2017-3289	9.6	N/A	7.0.10.0 7.1.4.0	8.0.4.0
CVE-2017-3272	9.6	6.0.16.40 6.1.8.40	7.0.10.0 7.1.4.0	8.0.4.0
CVE-2017-3241	9	6.0.16.40 6.1.8.40	7.0.10.0 7.1.4.0	8.0.4.0
CVE-2017-3260	8.3	6.0.16.40 6.1.8.40	7.0.10.0 7.1.4.0	8.0.4.0	Applicable to Mac OS only
CVE-2016-5546	7.5	6.0.16.40 6.1.8.40	7.0.10.0 7.1.4.0	8.0.4.0
CVE-2017-3253	7.5	6.0.16.40 6.1.8.40	7.0.10.0 7.1.4.0	8.0.4.0
CVE-2016-5548	6.5	6.0.16.40 6.1.8.40	7.0.10.0 7.1.4.0	8.0.4.0
CVE-2016-5549	6.5	6.0.16.40 6.1.8.40	7.0.10.0 7.1.4.0	8.0.4.0
CVE-2017-3252	5.8	6.0.16.40 6.1.8.40	7.0.10.0 7.1.4.0	8.0.4.0
CVE-2016-5547	5.3	N/A	7.0.10.0 7.1.4.0	8.0.4.0
CVE-2016-5552	5.3	6.0.16.40 6.1.8.40	7.0.10.0 7.1.4.0	8.0.4.0
CVE-2017-3261	4.3	6.0.16.40 6.1.8.40	7.0.10.0 7.1.4.0	8.0.4.0
CVE-2017-3231	4.3	6.0.16.40 6.1.8.40	7.0.10.0 7.1.4.0	8.0.4.0
CVE-2017-3259	3.7	6.0.16.40 6.1.8.40	7.0.10.0 7.1.4.0	8.0.4.0
CVE-2016-2183	3.1	6.0.16.41 6.1.8.41	7.0.10.1 7.1.4.1	8.0.4.1

Further information on Oracle’s January 17 2017 Critical Patch Update is available here.

Oracle October 18 2016 CPU (1.6.0_131, 1.7.0_121, 1.8.0_111)

CVE	CVSS	IBM 6 Fix	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2016-5582	9.6	6.0.16.35 6.1.8.35	7.0.9.60 7.1.3.60	8.0.3.20	Applicable on Solaris, HP-UX and Mac OS only
CVE-2016-5568	9.6	6.0.16.35 6.1.8.35	7.0.9.60 7.1.3.60	8.0.3.20
CVE-2016-5556	9.6	6.0.16.35 6.1.8.35	7.0.9.60 7.1.3.60	8.0.3.20
CVE-2016-5573	8.3	6.0.16.35 6.1.8.35	7.0.9.60 7.1.3.60	8.0.3.20
CVE-2016-5597	5.9	6.0.16.35 6.1.8.35	7.0.9.60 7.1.3.60	8.0.3.20
CVE-2016-5554	4.3	6.0.16.35 6.1.8.35	7.0.9.60 7.1.3.60	8.0.3.20
CVE-2016-5542	3.1	6.0.16.35 6.1.8.35	7.0.9.60 7.1.3.60	8.0.3.20

Further information on Oracle’s October 18 2016 Critical Patch Update is available here.

Oracle July 19 2016 CPU (6u121, 7u111, 8u101)

CVE	CVSS	IBM 6 Fix	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2016-3610	9.6	N/A	N/A	8.0.3.10	Applicable on Solaris, HP-UX and Mac OS only
CVE-2016-3598	9.6	N/A	7.0.9.50 7.1.3.50	8.0.3.10
CVE-2016-3606	9.6	N/A	7.0.9.50	8.0.3.10	Applicable on Solaris, HP-UX and Mac OS only
CVE-2016-3587	9.6	N/A	N/A	8.0.3.10	Applicable on Solaris, HP-UX and Mac OS only
CVE-2016-3552	8.1	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2016-3503	7.7	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2016-3511	7.7	N/A	7.0.9.50 7.1.3.50	8.0.3.10
CVE-2016-3498	5.3	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2016-3508	5.3	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2016-3550	4.3	6.0.16.30 6.1.8.30	7.0.9.50	8.0.3.10	Applicable on Solaris, HP-UX and Mac OS only
CVE-2016-3500	4.3	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2016-3458	4.3	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2016-3485	2.9	6.0.16.30 6.1.8.30	7.0.9.50 7.1.3.50	8.0.3.10

Further information on Oracle’s July 19 2016 Critical Patch Update is available here.

IBM Security Update April 2016

CVE	CVSS	IBM 6 Fix	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2016-0376	8.1	6.0.16.25 6.1.8.25	7.0.9.40 7.1.3.40	8.0.3.0
CVE-2016-0363	8.1	6.0.16.25 6.1.8.25	7.0.9.40 7.1.3.40	8.0.3.0
CVE-2016-0264	5.6	6.0.16.25 6.1.8.25	7.0.9.40 7.1.3.40	8.0.3.0	Not applicable on Solaris, HP-UX and Mac OS

Further information on the April 2016 IBM Security Update is available here.

Oracle April 19 2016 CPU (6u115, 7u101, 8u91)

CVE	CVSS	IBM 6 Fix	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2016-3443	9.6	6.0.16.25 6.1.8.25	7.0.9.40 7.1.3.40	8.0.3.0
CVE-2016-0687	9.6	6.0.16.25 6.1.8.25	7.0.9.40 7.1.3.40	8.0.3.0
CVE-2016-0686	9.6	6.0.16.25 6.1.8.25	7.0.9.40 7.1.3.40	8.0.3.0
CVE-2016-3427	9	6.0.16.25 6.1.8.25	7.0.9.40 7.1.3.40	8.0.3.0
CVE-2016-3449	8.3	6.0.16.25 6.1.8.25	7.0.9.40 7.1.3.40	8.0.3.0
CVE-2016-3425	5.3	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2016-3422	4.3	6.0.16.25 6.1.8.25	7.0.9.40 7.1.3.40	8.0.3.0
CVE-2016-0695	3.7	N/A	N/A	N/A	Not applicable to IBM JRE/SDK
CVE-2016-3426	3.1	6.0.16.25 6.1.8.25	7.0.9.40 7.1.3.40	8.0.3.0

Further information on Oracle’s April 19 2016 Critical Patch Update is available here.

Oracle Security Alert for CVE-2016-0636 (7u99, 8u77)

CVE	CVSS	IBM 6 Fix	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2016-0636	9.3	6.0.16.25 6.1.8.25	7.0.9.40 7.1.3.40	8.0.3.0	Applicable on Solaris, HP-UX and Mac OS only

Further information on the Oracle Security Alert for CVE-2016-0636 is available here and here.

Oracle Security Alert for CVE-2016-0603 (6u113, 7u97, 8u73)

CVE	CVSS	IBM 6 Fix	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2016-0603	7.6	6.0.16.21 6.1.8.21	7.0.9.31 7.1.3.31	8.0.2.11	This issue is applicable to the Windows platform only

Further information on the Oracle Security Alert for CVE-2016-0603 is available here.

IBM Security Update January 2016

CVE	CVSS	IBM 6 Fix	IBM 7 Fix	IBM 8 Fix
CVE-2015-8540	9.8	6.0.16.20 6.1.8.20	7.0.9.30 7.1.3.30	N/A
CVE-2015-7981	5.3	6.0.16.20 6.1.8.20	7.0.9.30 7.1.3.30	N/A
CVE-2015-5041	4.8	6.0.16.20 6.1.8.20	7.0.9.30 7.1.3.30	8.0.2.10

Further information on the January 2016 IBM Security Update is available here.

Oracle January 19 2016 CPU (6u111, 7u95, 8u71)

CVE	CVSS	IBM 6 Fix	IBM 7 Fix	IBM 8 Fix	Notes
CVE-2016-0494	10	6.0.16.20 6.1.8.20	7.0.9.30 7.1.3.30	8.0.2.10
CVE-2016-0483	10	6.0.16.20 6.1.8.20	7.0.9.30 7.1.3.30	8.0.2.10
CVE-2015-8126	7.8	6.0.16.20 6.1.8.20	7.0.9.30 7.1.3.30	8.0.2.10
CVE-2015-8472	6.3	6.0.16.20 6.1.8.20	7.0.9.30 7.1.3.30	8.0.2.10
CVE-2016-0475	5.8	N/A	N/A	8.0.2.10
CVE-2016-0466	5	6.0.16.20 6.1.8.20	7.0.9.30 7.1.3.30	8.0.2.10
CVE-2016-0402	5	6.0.16.20 6.1.8.20	7.0.9.30 7.1.3.30	8.0.2.10
CVE-2015-7575	4	6.0.16.20 6.1.8.20	7.0.9.30 7.1.3.30	8.0.2.10	SLOTH
CVE-2016-0448	4	6.0.16.20 6.1.8.20	7.0.9.30 7.1.3.30	8.0.2.10

Further information on Oracle’s January 19 2016 Critical Patch Update is available here.

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]

Tips

Java SDK security vulnerabilities

General Page

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?