IBM SDK Java Security Bulletin: 9 CVEs including RCE and Info Disclosure

Critical Vulnerability Information Vulnerability Overview Total Vulnerabilities: 9 Affected Product: IBM® SDK, Java™ Technology Edition Vulnerability Details 1. CVE-2018-11212 - Description: Division-by-zero error in allocation function leading to denial of service. - CVSS Score: 3.3 2. CVE-2019-2426 - Description: Unknown vulnerability in Java SE Network component, potentially leading to information disclosure. - CVSS Score: 3.7 3. CVE-2019-2449 - Description: Unknown vulnerability in Java SE Deployment component, potentially leading to denial of service. - CVSS Score: 3.1 4. CVE-2019-2422 - Description: Unknown vulnerability in Java SE Library component, potentially leading to information disclosure. - CVSS Score: 3.1 5. CVE-2018-12547 - Description: Buffer overflow in Eclipse OpenJ9 porting function. - CVSS Score: 9.8 6. CVE-2018-12549 - Description: Null pointer error in Eclipse OpenJ9 leading to remote code execution. - CVSS Score: 9.8 7. CVE-2018-1890 - Description: Use of absolute RPATH in IBM SDK on AIX platform, potentially leading to code injection and privilege escalation. - CVSS Score: 5.6 Affected Products and Versions Multiple versions of IBM SDK, Java Technology Edition Patches and Fixes Patches and fixes are available for various versions; refer to specific APAR numbers for details.

Goal Reached Thanks to every supporter — we hit 100%!

IBM SDK Java Security Bulletin: 9 CVEs including RCE and Info Disclosure