The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Bouncy Castle JCE

Bouncy Castle Java Cryptography Extension: vulnerability via XMSS Private Keys Deserialization
A vulnerability via XMSS Private Keys Deserialization of Bouncy Castle Java Cryptography Extension was announced...
CERTFR-2019-AVI-325, cpuapr2019, cpuapr2020, cpujan2019, cpujul2019, CVE-2018-1000613, FEDORA-2018-e6894349c9, JSA10939, JSA11023, openSUSE-SU-2018:2131-1, openSUSE-SU-2018:2180-1, openSUSE-SU-2020:0607-1, VIGILANCE-VUL-26596
Bouncy Castle: vulnerability via RSA Digital Signature Prime Generation
A vulnerability via RSA Digital Signature Prime Generation of Bouncy Castle was announced...
CERTFR-2019-AVI-325, cpuapr2019, cpuapr2020, cpujan2019, cpujul2019, CVE-2018-1000180, DSA-4233-1, FEDORA-2018-ceced55c5e, FEDORA-2018-da9fe79871, JSA10939, JSA11023, openSUSE-SU-2018:2820-1, RHSA-2018:2423-01, RHSA-2018:2424-01, RHSA-2018:2425-01, RHSA-2018:2669-01, VIGILANCE-VUL-26323
Bouncy Castle: information disclosure via BKS-V1
An attacker can bypass access restrictions to data via BKS-V1 of Bouncy Castle, in order to obtain sensitive information...
CERTFR-2019-AVI-325, CVE-2018-5382, JSA10939, JSA11023, VIGILANCE-VUL-25597, VU#306792
Bouncy Castle: information disclosure via ROBOT Attack
An attacker can bypass access restrictions to data via ROBOT Attack (VIGILANCE-VUL-24749) of Bouncy Castle, in order to obtain sensitive information...
bulletinjan2019, CVE-2017-13098, DSA-4072-1, FEDORA-2018-ceced55c5e, FEDORA-2018-da9fe79871, JSA11023, openSUSE-SU-2018:1689-1, openSUSE-SU-2018:2131-1, openSUSE-SU-2020:0607-1, VIGILANCE-VUL-24750
TLS: information disclosure via ROBOT Attack
An attacker can bypass access restrictions to data via ROBOT Attack of TLS, in order to obtain sensitive information...
CERTFR-2017-ALE-020, cisco-sa-20171212-bleichenbacher, CSCvg74693, CTX230238, K21905460, KB0080545, PAN-SA-2017-0032, ROBOT Attack, VIGILANCE-VUL-24749, VU#144389
Bouncy Castle: information disclosure via GCM
An attacker can bypass access restrictions to data via GCM of Bouncy Castle, in order to obtain sensitive information...
CVE-2015-6644, DLA-893-1, DSA-3829-1, FEDORA-2017-4c3ac44551, RHSA-2017:1832-01, RHSA-2017:2808-01, RHSA-2017:2809-01, RHSA-2017:2810-01, RHSA-2017:2811-01, USN-3727-1, VIGILANCE-VUL-22393
Bouncy Castle: multiple vulnerabilities
An attacker can use several vulnerabilities of Bouncy Castle...
CERTFR-2019-AVI-325, CVE-2016-1000338, CVE-2016-1000339, CVE-2016-1000340, CVE-2016-1000341, CVE-2016-1000342, CVE-2016-1000343, CVE-2016-1000344, CVE-2016-1000345, CVE-2016-1000346, CVE-2016-1000352, DLA-1418-1, JSA10939, JSA11023, openSUSE-SU-2018:1689-1, RHSA-2018:2669-01, USN-3727-1, VIGILANCE-VUL-21455
Bouncy Castle JCE: incorrect computation of NatX.square
An attacker can use a computation error in NatX.square() in the ECDH implementation of Bouncy Castle JCE, in order to obtain a static key...
VIGILANCE-VUL-21223
Bouncy Castle: MD5 allowed in TLS 1.2
An attacker can create a collision with a weak algorithm such as MD5 in a TLS 1.2 session of Bouncy Castle, in order to capture data belonging to this session...
CVE-2015-7575, openSUSE-SU-2016:0605-1, SLOTH, SUSE-SU-2016:0256-1, VIGILANCE-VUL-18615
Bouncy Castle, Oracle Java: disclosure of elliptic curve private keys
An attacker can use a vulnerability in the elliptic curve implementation of Bouncy Castle and Oracle Java, in order to obtain sensitive information...
1968485, 1972455, 9010041, 9010044, BSA-2016-002, CERTFR-2019-AVI-325, cpuapr2018, cpuapr2020, cpujan2017, cpujan2018, cpujan2019, cpujul2015, cpujul2017, cpujul2018, cpuoct2017, CVE-2015-2613, CVE-2015-7940, DSA-3417-1, FEDORA-2015-7d95466eda, JSA10939, JSA11023, NTAP-20150715-0001, NTAP-20151028-0001, openSUSE-SU-2015:1911-1, RHSA-2016:2035-01, RHSA-2016:2036-01, USN-3727-1, VIGILANCE-VUL-18168
Our database contains other pages. You can request a free trial to read them.

Display information about Bouncy Castle JCE: