CVE-2013-5849 Affecting openjdk-7 package, versions <7u45-2.4.3-1


Severity

Recommended
0.0
medium
0
10

Snyk's Security Team recommends NVD's CVSS assessment. Learn more

Threat Intelligence

EPSS
0.98% (85th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-DEBIAN8-OPENJDK7-398076
  • published16 Oct 2013
  • disclosed16 Oct 2013

Introduced: 16 Oct 2013

CVE-2013-5849  (opens in a new tab)

How to fix?

Upgrade Debian:8 openjdk-7 to version 7u45-2.4.3-1 or higher.

NVD Description

Note: Versions mentioned in the description apply only to the upstream openjdk-7 package and not the openjdk-7 package as distributed by Debian. See How to fix? for Debian:8 relevant fixed versions and status.

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to AWT.

References

CVSS Scores

version 3.1