Back
CVE-2015-2590
CRITICAL
CISA KEV
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732.
Published: Jul 16, 2015
Modified: Apr 21, 2026
NVD-CWE-noinfo
CVSS Metrics
CVSSv3
Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products (71)
| Vendor | Product | Version |
|---|---|---|
| oracle | jdk | 1.6.0 |
| oracle | jdk | 1.7.0 |
| oracle | jdk | 1.7.0 |
| oracle | jdk | 1.8.0 |
| oracle | jdk | 1.8.0 |
| oracle | jre | 1.6.0 |
| oracle | jre | 1.7.0 |
| oracle | jre | 1.7.0 |
| oracle | jre | 1.8.0 |
| oracle | jre | 1.8.0 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 14.04 |
| canonical | ubuntu_linux | 15.04 |
| debian | debian_linux | 7.0 |
| debian | debian_linux | 8.0 |
| suse | linux_enterprise_debuginfo | 11 |
| suse | linux_enterprise_debuginfo | 11 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| suse | linux_enterprise_desktop | 11 |
…and 51 more
GitHub Security Advisory GHSA-mhp7-xhx6-9x45
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and...
References (51)
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html Mailing List, Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html Mailing List, Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html Mailing List, Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html Mailing List, Third Party Advisory
- http://rhn.redhat.com/errata/RHSA-2015-1228.html Third Party Advisory
- http://rhn.redhat.com/errata/RHSA-2015-1229.html Third Party Advisory
- http://rhn.redhat.com/errata/RHSA-2015-1230.html Third Party Advisory
- http://rhn.redhat.com/errata/RHSA-2015-1241.html Third Party Advisory
- http://rhn.redhat.com/errata/RHSA-2015-1242.html Third Party Advisory
- http://rhn.redhat.com/errata/RHSA-2015-1243.html Third Party Advisory
- http://rhn.redhat.com/errata/RHSA-2015-1485.html Third Party Advisory
- http://rhn.redhat.com/errata/RHSA-2015-1486.html Third Party Advisory
- http://rhn.redhat.com/errata/RHSA-2015-1488.html Third Party Advisory
- http://rhn.redhat.com/errata/RHSA-2015-1526.html Third Party Advisory
- http://rhn.redhat.com/errata/RHSA-2015-1544.html Third Party Advisory
Risk Scores
CVSS Score
9.8 / 10
EPSS Score
66.62%
Top 1% most likely to be exploited
Threat Score
89.2 / 100
CISA Known Exploited
Date Added:
2022-03-03
Due Date:
2022-03-24
Required Action:
Apply updates per vendor instructions.
Data Sources
NVD
CISA KEV
EPSS
GitHub