At the end of November 2023, a new security bulletin has been issued for Java packages: IBM Java SDK and IBM Java Runtime for IBM i.
The packages have an unspecified vulnerability ( in Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK ) linked to the Libraries component, which could enable a remote attacker to cause minor integrity impacts.
The vulnerability is corrected by applying an IBM i PTF group for Java as described in the “remediation/fixes” section that follows(https://lnkd.in/eM2hEEer) and even if its CVSS index of 3.7 is, admittedly, not very high, we’re still talking about the Java Runtine Environment required for all Java programs to function correctly.
Posted in Alert
