IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Collaboration and Deployment Services

There are multiple vulnerabilities in IBM® Runtime Environment Java Version, JRE71SR4FP15, JRE8SR5FP5, JRE8SR5FP20 and JRE8SR5FP25 used by Collaboration and Deployment Services. These issues were disclosed as part of the IBM Java SDK updates in April 2019 and January 2019.

CVE(s): CVE-2019-2602, CVE-2019-2684, CVE-2018-1890

Affected product(s) and affected version(s):
IBM SPSS Collaboration and Deployment Services 7.0.0.1, 8.0.0.0, 8.1.0.0, 8.1.1.0, 8.2, 8.2.1.0.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10888349
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159698
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159776
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152081

The post IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Collaboration and Deployment Services appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ift.tt/2J1pLhg