Semeru Runtimes security vulnerabilites

General Page

This page lists recent Security Vulnerabilities addressed in the IBM Semeru Runtimes currently available from our downloads page.

IBM Semeru Runtimes security vulnerabilities

IBM customers requiring these fixes in a binary IBM Semeru Runtimes for use with an IBM product should contact IBM Support and engage the appropriate product service team.

Security Bulletins can also be found on the IBM Support Portal

IBM Security Update February 2024
OpenJDK January 16 2024 Vulnerability Advisory (1.8.0_402, 11.0.22, 17.0.10, 21.0.2)
IBM Security Update November 2023
OpenJDK October 17 2023 Vulnerability Advisory (1.8.0_392, 11.0.21, 17.0.9)
OpenJDK July 18 2023 Vulnerability Advisory (1.8.0_382, 11.0.20, 17.0.8)
IBM Security Update May 2023
OpenJDK April 18 2023 Vulnerability Advisory (1.8.0_371, 11.0.19, 17.0.7)
IBM Security Update February 2023
OpenJDK January 17 2023 Vulnerability Advisory (1.8.0_361, 11.0.18, 17.0.6)
IBM Security Update November 2022
OpenJDK October 18 2022 Vulnerability Advisory (1.8.0_352, 11.0.17, 17.0.5)
OpenJDK July 19 2022 Vulnerability Advisory (1.8.0_342, 11.0.16, 17.0.4, 18.0.2)
IBM Security Update May 2022
OpenJDK April 19 2022 Vulnerability Advisory (1.8.0_332, 11.0.15, 17.0.3, 18.0.1)
OpenJDK January 18 2022 Vulnerability Advisory (1.8.0_322, 11.0.14, 17.0.2)
IBM Security Update November 2021
OpenJDK October 19 2021 Vulnerability Advisory (1.8.0_311, 11.0.13, 17.0.1)
OpenJDK July 20 2021 Vulnerability Advisory (1.8.0_301, 11.0.12, 16.0.2)
OpenJDK April 20 2021 Vulnerability Advisory (1.8.0_291, 11.0.11 16.0.1)

IBM Security Update February 2024

CVE	CVSS	Semeru 8 Fix	Semeru 11 Fix	Semeru 17 Fix	Semeru 21 Fix	Notes
CVE-2024-22361	5.9	8.0.402.0	11.0.22.0	17.0.10.0	21.0.2.0

Further information on the February 2024 IBM Security Update is available here.

OpenJDK January 16 2024 Vulnerability Advisory (1.8.0_402, 11.0.22, 17.0.10, 21.0.2)

CVE	CVSS	Semeru 8 Fix	Semeru 11 Fix	Semeru 17 Fix	Semeru 21 Fix	Notes
CVE-2024-20932	7.5	N/A	N/A	17.0.10.0	N/A
CVE-2024-20952	7.4	8.0.402.0	11.0.22.0	17.0.10.0	21.0.2.0
CVE-2024-20918	7.4	8.0.402.0	11.0.22.0	17.0.10.0	21.0.2.0
CVE-2024-20921	5.9	8.0.402.0	11.0.22.0	17.0.10.0	21.0.2.0
CVE-2024-20919	5.9	N/A	N/A	N/A	N/A	Not applicable to IBM Semeru
CVE-2024-20926	5.9	8.0.402.0	11.0.22.0	N/A	N/A
CVE-2024-20945	4.7	8.0.402.0	11.0.22.0	17.0.10.0	21.0.2.0

Further information on OpenJDK's January 16 2024 Vulnerability Advisory is available here.

IBM Security Update November 2023

CVE	CVSS	Semeru 8 Fix	Semeru 11 Fix	Semeru 17 Fix	Notes
CVE-2023-4807	6.2	N/A	11.0.21.0	17.0.9.0
CVE-2023-5676	4.1	8.0.392.0	11.0.21.0	17.0.9.0

Further information on the November 2023 IBM Security Update is available here.

OpenJDK October 17 2023 Vulnerability Advisory (1.8.0_392, 11.0.21, 17.0.9)

N/A

CVE	CVSS	Semeru 8 Fix	Semeru 11 Fix	Semeru 17 Fix	Notes
CVE-2023-22081	5.3	8.0.392.0	11.0.21.0	17.0.9.0
CVE-2023-22067	5.3	8.0.392.0	N/A	N/A
CVE-2023-22025	3.7	N/A	N/A	N/A	Not applicable to IBM Semeru

Further information on OpenJDK's October 17 2023 Vulnerability Advisory is available here.

OpenJDK July 18 2023 Vulnerability Advisory (1.8.0_382, 11.0.20, 17.0.8)

CVE	CVSS	Semeru 8 Fix	Semeru 11 Fix	Semeru 17 Fix	Notes
CVE-2023-22041	5.1	N/A	N/A	N/A	Not applicable to IBM Semeru
CVE-2023-22049	3.7	8.0.382.0	11.0.20.0	17.0.8.0
CVE-2023-22045	3.7	N/A	N/A	N/A	Not applicable to IBM Semeru
CVE-2023-22044	3.7	N/A	N/A	N/A	Not applicable to IBM Semeru
CVE-2023-22036	3.7	N/A	11.0.20.0	17.0.8.0
CVE-2023-25193	3.7	N/A	11.0.19.0	17.0.7.0	Fixed in IBM Security Update May 2023
CVE-2023-22006	3.1	N/A	11.0.20.0	17.0.8.0

Further information on OpenJDK's July 18 2023 Vulnerability Advisory is available here.

IBM Security Update May 2023

CVE	CVSS	Semeru 8 Fix	Semeru 11 Fix	Semeru 17 Fix	Notes
CVE-2023-25193	7.5	N/A	11.0.19.0	17.0.7.0
CVE-2023-2597	7	8.0.372.0	11.0.19.0	17.0.7.0

Further information on the May 2023 IBM Security Update is available here.

OpenJDK April 18 2023 Vulnerability Advisory (1.8.0_371, 11.0.19, 17.0.7)

CVE	CVSS	Semeru 8 Fix	Semeru 11 Fix	Semeru 17 Fix	Notes
CVE-2023-21930	7.4	8.0.372.0	11.0.19.0	17.0.7.0
CVE-2023-21967	5.9	8.0.372.0	11.0.19.0	17.0.7.0
CVE-2023-21954	5.9	N/A	N/A	N/A	Not applicable to IBM Semeru
CVE-2023-21939	5.3	8.0.372.0	11.0.19.0	17.0.7.0
CVE-2023-21968	3.7	8.0.372.0	11.0.19.0	17.0.7.0
CVE-2023-21937	3.7	8.0.372.0	11.0.19.0	17.0.7.0
CVE-2023-21938	3.7	8.0.372.0	11.0.19.0	17.0.7.0

Further information on OpenJDK's April 18 2023 Vulnerability Advisory is available here.

IBM Security Update February 2023

CVE	CVSS	Semeru 8 Fix	Semeru 11 Fix	Semeru 17 Fix	Notes
CVE-2022-4304	7.5	8.0.362.0	11.0.18.0	17.0.6.0	Applicable on Windows and Mac OS only

Further information on the February 2023 IBM Security Update is available here.

OpenJDK January 17 2023 Vulnerability Advisory (1.8.0_361, 11.0.18, 17.0.6)

CVE	CVSS	Semeru 8 Fix	Semeru 11 Fix	Semeru 17 Fix
CVE-2023-21835	5.3	N/A	11.0.18.0	17.0.6.0
CVE-2023-21830	5.3	8.0.362.0	N/A	N/A
CVE-2023-21843	3.7	8.0.362.0	11.0.18.0	17.0.6.0

Further information on OpenJDK's January 17 2023 Vulnerability Advisory is available here.

IBM Security Update November 2022

CVE	CVSS	Semeru 8 Fix	Semeru 11 Fix	Semeru 17 Fix	Notes
CVE-2022-3676	6.5	8.0.352.0	11.0.17.0	17.0.5.0

Further information on the November 2022 IBM Security Update is available here.

OpenJDK October 18 2022 Vulnerability Advisory (1.8.0_352, 11.0.17, 17.0.5)

CVE	CVSS	Semeru 8 Fix	Semeru 11 Fix	Semeru 17 Fix
CVE-2022-21628	5.3	8.0.352.0	11.0.17.0	17.0.5.0
CVE-2022-21626	5.3	8.0.352.0	11.0.17.0	N/A
CVE-2022-21618	5.3	N/A	N/A	17.0.5.0
CVE-2022-39399	3.7	N/A	11.0.17.0	17.0.5.0
CVE-2022-21624	3.7	8.0.352.0	11.0.17.0	17.0.5.0
CVE-2022-21619	3.7	8.0.352.0	11.0.17.0	17.0.5.0

Further information on OpenJDK's October 18 2022 Vulnerability Advisory is available here.

OpenJDK July 19 2022 Vulnerability Advisory (1.8.0_342, 11.0.16, 17.0.4, 18.0.2)

CVE	CVSS	Semeru 8 Fix	Semeru 11 Fix	Semeru 17 Fix	Semeru 18 Fix	Notes
CVE-2022-34169	7.5	8.0.345.0	11.0.16.0	17.0.4.0	18.0.2.0
CVE-2022-21541	7.5	N/A	N/A	N/A	N/A	Not applicable to IBM Semeru
CVE-2022-21549	7.5	N/A	N/A	17.0.4.0	N/A
CVE-2022-21540	7.5	N/A	N/A	N/A	N/A	Not applicable to IBM Semeru

Further information on OpenJDK's July 19 2022 Vulnerability Advisory is available here.

IBM Security Update May 2022

CVE	CVSS	Semeru 8 Fix	Semeru 11 Fix	Semeru 17 Fix	Semeru 18 Fix	Notes
CVE-2021-41041	5.3	8.0.332.0	11.0.15.0	N/A	N/A

Further information on the May 2022 IBM Security Update is available here.

OpenJDK April 19 2022 Vulnerability Advisory (1.8.0_332, 11.0.15, 17.0.3, 18.0.1)

CVE	CVSS	Semeru 8 Fix	Semeru 11 Fix	Semeru 17 Fix	Semeru 18 Fix
CVE-2022-21476	7.5	8.0.332.0	11.0.15.0	17.0.3.0	N/A
CVE-2022-21449	7.5	N/A	N/A	17.0.3.0	18.0.1.0
CVE-2022-21496	5.3	8.0.332.0	11.0.15.0	17.0.3.0	18.0.1.0
CVE-2022-21434	5.3	8.0.332.0	11.0.15.0	17.0.3.0	18.0.1.0
CVE-2022-21426	5.3	8.0.332.0	11.0.15.0	17.0.3.0	18.0.1.0
CVE-2022-21443	3.7	8.0.332.0	11.0.15.0	17.0.3.0	18.0.1.0

Further information on OpenJDK's April 19 2022 Vulnerability Advisory is available here.

OpenJDK January 18 2022 Vulnerability Advisory (1.8.0_322, 11.0.14, 17.0.2)

CVE	CVSS	Semeru 8 Fix	Semeru 11 Fix	Semeru 17 Fix	Notes
CVE-2022-21366	5.3	N/A	11.0.14.0	17.0.2.0
CVE-2022-21365	5.3	8.0.322.0	11.0.14.0	17.0.2.0
CVE-2022-21360	5.3	8.0.322.0	11.0.14.0	17.0.2.0
CVE-2022-21349	5.3	N/A	N/A	N/A	Not applicable to IBM Semeru
CVE-2022-21341	5.3	8.0.322.0	11.0.14.0	17.0.2.0
CVE-2022-21340	5.3	8.0.322.0	11.0.14.0	17.0.2.0
CVE-2022-21305	5.3	N/A	N/A	N/A	Not applicable to IBM Semeru
CVE-2022-21277	5.3	N/A	11.0.14.0	17.0.2.0
CVE-2022-21299	5.3	8.0.322.0	11.0.14.0	17.0.2.0
CVE-2022-21296	5.3	N/A	11.0.14.0	17.0.2.0
CVE-2022-21282	5.3	N/A	11.0.14.0	17.0.2.0
CVE-2022-21294	5.3	8.0.322.0	11.0.14.0	17.0.2.0
CVE-2022-21293	5.3	8.0.322.0	11.0.14.0	17.0.2.0
CVE-2022-21291	5.3	N/A	N/A	N/A	Not applicable to IBM Semeru
CVE-2022-21283	5.3	N/A	11.0.14.0	17.0.2.0
CVE-2022-21248	3.7	8.0.322.0	11.0.14.0	17.0.2.0

Further information on OpenJDK's January 18 2022 Vulnerability Advisory is available here.

IBM Security Update November 2021

CVE	CVSS	Semeru 8 Fix	Semeru 11 Fix	Notes
CVE-2021-41035	5.3	8.0.312.0	11.0.13.0

Further information on the November 2021 IBM Security Update is available here.

OpenJDK October 19 2021 Vulnerability Advisory (1.7.0_321, 1.8.0_311, 17.0.1)

CVE	CVSS	Semeru 8 Fix	Semeru 11 Fix	Notes
CVE-2021-35567	6.8	8.0.312.0	11.0.13
CVE-2021-35550	5.9	8.0.312.0	11.0.13.0
CVE-2021-35586	5.3	8.0.312.0	11.0.13.0
CVE-2021-35578	5.3	8.0.312.0	11.0.13.0
CVE-2021-35564	5.3	8.0.312.0	11.0.13.0
CVE-2021-35561	5.3	8.0.312.0	11.0.13.0
CVE-2021-35559	5.3	8.0.312.0	11.0.13.0
CVE-2021-35556	5.3	8.0.312.0	11.0.13.0
CVE-2021-35565	5.3	8.0.312.0	11.0.13.0
CVE-2021-35603	3.7	8.0.312.0	11.0.13.0
CVE-2021-35588	3.1	N/A	N/A	Not applicable to IBM Semeru

Further information on OpenJDK's October 19 2021 Vulnerability Advisory is available here.

OpenJDK July 20 2021 Vulnerability Advisory (1.8.0_301, 11.0.12, 16.0.2)

IBM Semeru Runtimes fixes
CVE	CVSS	Semeru 8	Semeru 11	Semeru 16
CVE-2021-2388	7.5	N/A	N/A	N/A
CVE-2021-2369	4.3	8.0.302.0	11.0.12.0	16.0.2.0
CVE-2021-2432	3.7	N/A	N/A	N/A
CVE-2021-2341	3.1	8.0.302.0	11.0.12.0	16.0.2.0

Further information on OpenJDK's July 20 2021 Vulnerability Advisory is available here.

OpenJDK April 20 2021 Vulnerability Advisory (1.8.0_291, 11.0.11, 16.0.1)

IBM Semeru Runtimes fixes
CVE	CVSS	Semeru 8	Semeru 11	Semeru 16	Notes
CVE-2021-2161	5.9	8.0.292.0	11.0.12.0	16.0.2.0	Applicable on Windows only
CVE-2021-2163	5.3	8.0.292.0	11.0.12.0	16.0.2.0

Further information on OpenJDK's April 20 2021 Vulnerability Advisory is available here.

[{"Type":"MASTER","Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSA3RN","label":"IBM Semeru Runtimes"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"11.0.0;16.0.0;17.0.0;8.0.0"}]

Tips

Semeru Runtimes security vulnerabilites

General Page

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?