The vulnerabilities CVE-2019-2602,CVE-2019-2684,CVE-2019-2698 are found in the below folders
CA\Identity Manager\IAM Suite\Identity Manager\install_config_info\iam-suite-uninstall\resource\
Installed version : 1.8.0_40
CA\Identity Manager\install_config_info\im-uninstall\resource\
Installed version : 1.8.0_40
IM Release : 14.4 GA
Vulnerabilities CVE-2019-2602,CVE-2019-2684,CVE-2019-2698
The above AdoptOpenJDK vulnerabilities are addressed in the version greater than 8u272. So by applying the IM 14.4.1 CP that will upgrade to AdoptOpenJDK 1.8.0_292.