Alpine: openjdk7: security update to 7.-r0 (deprecated)

high Tenable Self-Hosted Container Security Plugin ID 401183

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect
confidentiality, integrity, and availability via unknown vectors related to Libraries. (CVE-2014-4262)

- Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u60 and OpenJDK 7 allows
remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to
Libraries, a different vulnerability than CVE-2014-4223. NOTE: the previous information is from the July
2014 CPU. Oracle has not commented on another vendor's claim that the issue is related to improper
restriction of the "use of privileged annotations." (CVE-2014-2483)

- Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote
attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
(CVE-2014-2490)

- Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect
confidentiality and integrity via vectors related to JMX. (CVE-2014-4209)

- Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect
confidentiality, integrity, and availability via unknown vectors related to Hotspot. (CVE-2014-4216)

See Also

https://git.alpinelinux.org/aports/commit/?id=600405a4eccfb4bfd376e60c07bc5bb93611d19f

https://git.alpinelinux.org/aports/commit/?id=80f5ac62c11a29201922a51d941e60b4dfa104c2

Plugin Details

Severity: High

ID: 401183

Version: Revision 1.27

Type: Local

Published: 8/16/2023

Updated: 6/22/2026

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Medium

Score: 5

Percentile: 95.11

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2014-4262

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2014-4268

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/17/2014

Vulnerability Publication Date: 7/15/2014

Reference Information

CVE: CVE-2014-2483, CVE-2014-2490, CVE-2014-4209, CVE-2014-4216, CVE-2014-4218, CVE-2014-4219, CVE-2014-4221, CVE-2014-4223, CVE-2014-4244, CVE-2014-4252, CVE-2014-4262, CVE-2014-4263, CVE-2014-4264, CVE-2014-4266, CVE-2014-4268

BID: 68562, 68571, 68583, 68590, 68596, 68599, 68608, 68612, 68615, 68620, 68624, 68636, 68639, 68642, 68645