CVE-2015-2601: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect…

medium5CVSS 3.1

AVNACLAuNCPINAN

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.

Affected

9 ranges

Vendor	Product	Version range	Fixed in
debian	openjdk-8	< openjdk-8 8u66-b01-1 (sid)	openjdk-8 8u66-b01-1 (sid)
dell	bsafe_crypto-j	< 6.2.2	6.2.2
oracle	jdk	—	—
oracle	jdk	—	—
oracle	jdk	—	—
oracle	jre	—	—
oracle	jre	—	—
oracle	jre	—	—
oracle	jrockit	—	—

CVSS provenance

nvd5.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N

nvdv3.13.7LOWCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

osv9.8CRITICAL