Oracle officially ended public updates for Java 7 in 2015. This means any new security holes found after that date remain unpatched in version 80. Why People Still Use It (and Why You Shouldn't) JDK and Java Vulnerabilities - Azul Systems
Understanding the Security Risks of Java 7 Update 80 Released in April 2015, marked the end of the public roadmap for the Java SE 7 family. Because it was the final public patch, it remains a common fixture in legacy enterprise environments. However, using this version today presents significant security risks. java 7 update 80 vulnerabilities