CVE-2014-2422 in openjdk-jre

Do your applications use this vulnerable package? Test your applications

Overview

openjdk-jre is a free and open-source implementation of the Java Platform, Standard Edition (Java SE).

Affected versions of this package are vulnerable to CVE-2014-2422. It allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Remediation

Upgrade openjdk-jre to version 7.0.55, 8.0.5 or higher.

References

Gentoo Security Advisory
HP Security Bulletin
Oracle Security Bulletin
RHSA Security Advisory
Security Focus

Attack Vector

Network
Attack Complexity

Low
Privileges Required

None
User Interaction

Required
Scope

Unchanged
Confidentiality

Low
Integrity

Low
Availability

Low

Credit: Unknown
CVE: CVE-2014-2422
Snyk ID: SNYK-UPSTREAM-OPENJDKJRE-73208
Disclosed: 16 Apr, 2014
Published: 31 Jan, 2019

CVE-2014-2422
Affecting openjdk-jre package, versions [1.7.0,1.7.0_55) || [,1.8.0_5)

Overview

Remediation

References

CVSS Score

CVE-2014-2422 Affecting openjdk-jre package, versions [1.7.0,1.7.0_55) || [,1.8.0_5)

Overview

Remediation

References

CVE-2014-2422
Affecting openjdk-jre package, versions [1.7.0,1.7.0_55) || [,1.8.0_5)