IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM® Db2®
Jul 25, 2018 9:00 am EDT
Categorized: High Severity
Share this post:
There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6.0.16.60 and earlier, 6.1.8.60 and earlier, 7.0.10.20 and earlier, 7.1.4.20 and earlier, 8.0.5.10 and earlier used by IBM® Db2®. These issues were disclosed as part of the IBM Java SDK updates in April 2018.
CVE(s): CVE-2018-2783, CVE-2018-2794
Affected product(s) and affected version(s):
All fix pack levels of IBM Db2 V9.7, V10.1, V10.5, and V11.1 editions on all platforms are affected.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=ibm10713455
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141939
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141950
from IBM Product Security Incident Response Team https://ift.tt/2mGp80z