VIR Vulnerability Intelligence Relay

Package impact

java Maven / org.bouncycastle:bcprov-jdk15on

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2017-13098 medium 5.9 5.9 9y ago Observable Discrepancy in BouncyCastle debianjava
CVE-2015-7940 medium 5.0 11y ago Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15 debiansusejavaoracle
CVE-2013-1624 medium 4.0 14y ago Improper Input Validation in Bouncy Castle debianjava
CVE-2024-30171 unknown 2y ago Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack") debiansusejavanuget
CVE-2024-29857 unknown 2y ago Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation. debiansusejavanuget
CVE-2024-34447 unknown 2y ago Bouncy Castle Java Cryptography API vulnerable to DNS poisoning debiansusejava
CVE-2023-33202 unknown 3y ago Bouncy Castle Denial of Service (DoS) debianjava
CVE-2023-33201 unknown 3y ago Bouncy Castle For Java LDAP injection vulnerability debiansusejava
CVE-2018-5382 unknown 4y ago Improper Validation of Integrity Check Value in Bouncy Castle debianjava
CVE-2020-15522 unknown 5y ago Timing based private key exposure in Bouncy Castle debiansusejavanuget
CVE-2020-26939 unknown 5y ago Observable Differences in Behavior to Error Inputs in Bouncy Castle debianjava
CVE-2016-1000345 unknown 8y ago Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15 debianjava
CVE-2016-1000344 unknown 8y ago In Bouncy Castle JCE Provider the DHIES implementation allowed the use of ECB mode debianjava
CVE-2016-1000352 unknown 8y ago In Bouncy Castle JCE Provider the ECIES implementation allowed the use of ECB mode debianjava
CVE-2016-1000346 unknown 8y ago In Bouncy Castle JCE Provider the other party DH public key is not fully validated debianjava
CVE-2016-1000343 unknown 8y ago In Bouncy Castle JCE Provider the DSA key pair generator generates a weak private key if used with default values debianjava
CVE-2016-1000342 unknown 8y ago In Bouncy Castle JCE Provider ECDSA does not fully validate ASN.1 encoding of signature on verification debianjava
CVE-2016-1000341 unknown 8y ago Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15 debianjava
CVE-2016-1000340 unknown 8y ago The Bouncy Castle JCE Provider carry a propagation bug debianjava
CVE-2016-1000339 unknown 8y ago Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15 debianjava
CVE-2016-1000338 unknown 8y ago In Bouncy Castle JCE Provider it is possible to inject extra elements in the sequence making up the signature and still have it validate debianjava
CVE-2018-1000613 unknown 8y ago Deserialization of Untrusted Data in Bouncy castle debiansusejava
CVE-2018-1000180 unknown 8y ago Bouncy Castle has a flaw in the Low-level interface to RSA key pair generator debiansusejava