CVE-2014-2414Oracle JDK vulnerability

9 documents7 sources
Severity
7.5HIGHNVD
OSV10.0
EPSS
4.3%
top 11.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Canonical Ubuntu LinuxDebian LinuxOracle JDK+1 more
Timeline
PublishedApr 16
Latest updateMay 10

Description

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXB.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDoracle/jdk1.6.0, 1.7.0, 1.8.0+2
NVDoracle/jre1.6.0, 1.7.0, 1.8.0+2

Also affects: Debian Linux 6.0, 7.0, 8.0, Ubuntu Linux 10.04, 12.04, 12.10, 13.10, 14.04

🔴Vulnerability Details

4
GHSA
GHSA-9wjx-27cp-x4w8: Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity2022-05-10
OSV
openjdk-7 vulnerabilities2014-04-30
CVEList
CVE-2014-2414: Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity2014-04-16
OSV
CVE-2014-2414: Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity2014-04-15

📋Vendor Advisories

3
Ubuntu
OpenJDK 6 vulnerabilities2014-05-01
Ubuntu
OpenJDK 7 vulnerabilities2014-04-30
Red Hat
OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)2014-04-15

💬Community

1
Bugzilla
CVE-2014-2414 OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)2014-04-14
CVE-2014-2414 — Oracle JDK vulnerability | cvebase