CVE-2014-6517: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit R27.8.3 and R28.3.3 allows remote attackers to affect…

medium5CVSS 3.1

AVNACLAuNCPINAN

Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit R27.8.3 and R28.3.3 allows remote attackers to affect confidentiality via vectors related to JAXP.

Affected

8 ranges

Vendor	Product	Version range	Fixed in
debian	openjdk-8	< openjdk-8 8u40~b09-1 (sid)	openjdk-8 8u40~b09-1 (sid)
oracle	jdk	—	—
oracle	jdk	—	—
oracle	jre	—	—
oracle	jre	—	—
oracle	jre	—	—
oracle	jrockit	—	—
oracle	jrockit	—	—

CVSS provenance

nvd5.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N

osv5.0MEDIUM