pkg:maven/org.bouncycastle/bcprov-jdk15on
Type
maven
Namespace
org.bouncycastle
Name
bcprov-jdk15on
Known advisories, vulnerabilities and fixes for org.bouncycastle/bcprov-jdk15on package.
Critical
1
High
1
Moderate
10
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | >= 1.57, < 1.60 |
CVE-2018-1000613
|
 MAVEN:GHSA-4446-656P-F54G
|
Deserialization of Untrusted Data in Bouncy castle | critical |
2018-10-17T16:23:12
(5 years ago) |
|
| Fixed | = 1.60 |
CVE-2018-1000613
|
MAVEN:GHSA-4446-656P-F54G
|
Deserialization of Untrusted Data in Bouncy castle | critical |
2018-10-17T16:23:12
(5 years ago) |
|
| Affected | < 1.66 |
CVE-2020-15522
|
MAVEN:GHSA-6XX3-RG99-GC3P
|
Timing based private key exposure in Bouncy Castle | moderate |
2021-08-13T15:22:31
(2 years ago) |
|
| Fixed | = 1.66 |
CVE-2020-15522
|
MAVEN:GHSA-6XX3-RG99-GC3P
|
Timing based private key exposure in Bouncy Castle | moderate |
2021-08-13T15:22:31
(2 years ago) |
|
| Affected | < 1.61 |
CVE-2020-26939
|
MAVEN:GHSA-72M5-FVVV-55M6
|
Observable Differences in Behavior to Error Inputs in Bouncy Castle | moderate |
2021-04-22T16:16:49
(3 years ago) |
|
| Fixed | = 1.61 |
CVE-2020-26939
|
MAVEN:GHSA-72M5-FVVV-55M6
|
Observable Differences in Behavior to Error Inputs in Bouncy Castle | moderate |
2021-04-22T16:16:49
(3 years ago) |
|
| Affected | >= 1.65, < 1.67 |
CVE-2020-28052
|
MAVEN:GHSA-73XV-W5GP-FRXH
|
Logic error in Legion of the Bouncy Castle BC Java | high |
2021-04-30T16:14:15
(3 years ago) |
|
| Fixed | = 1.67 |
CVE-2020-28052
|
MAVEN:GHSA-73XV-W5GP-FRXH
|
Logic error in Legion of the Bouncy Castle BC Java | high |
2021-04-30T16:14:15
(3 years ago) |
|
| Affected | < 1.48 |
CVE-2013-1624
|
MAVEN:GHSA-8353-FGCR-XFHX
|
Improper Input Validation in Bouncy Castle | moderate |
2022-05-14T02:14:04
(2 years ago) |
|
| Fixed | = 1.48 |
CVE-2013-1624
|
MAVEN:GHSA-8353-FGCR-XFHX
|
Improper Input Validation in Bouncy Castle | moderate |
2022-05-14T02:14:04
(2 years ago) |
|
| Affected | < 1.50 |
CVE-2018-5382
|
MAVEN:GHSA-8477-3V39-GGPM
|
Improper Validation of Integrity Check Value in Bouncy Castle | moderate |
2022-05-13T01:01:01
(2 years ago) |
|
| Fixed | = 1.50 |
CVE-2018-5382
|
MAVEN:GHSA-8477-3V39-GGPM
|
Improper Validation of Integrity Check Value in Bouncy Castle | moderate |
2022-05-13T01:01:01
(2 years ago) |
|
| Affected | < 1.78 |
CVE-2024-29857
|
MAVEN:GHSA-8XFC-GM6G-VGPV
|
Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation. | moderate |
2024-05-14T15:32:54
(2 months ago) |
|
| Fixed | = 1.78 |
CVE-2024-29857
|
MAVEN:GHSA-8XFC-GM6G-VGPV
|
Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation. | moderate |
2024-05-14T15:32:54
(2 months ago) |
|
| Affected | >= 1.49, <= 1.70 |
CVE-2023-33201
|
MAVEN:GHSA-HR8G-6V94-X4M9
|
Bouncy Castle For Java LDAP injection vulnerability | moderate |
2023-07-05T03:30:23
(12 months ago) |
|
| Affected | < 1.78 |
CVE-2024-30172
|
MAVEN:GHSA-M44J-CFRM-G8QC
|
Bouncy Castle crafted signature and public key can be used to trigger an infinite loop | moderate |
2024-05-14T15:32:54
(2 months ago) |
|
| Fixed | = 1.78 |
CVE-2024-30172
|
MAVEN:GHSA-M44J-CFRM-G8QC
|
Bouncy Castle crafted signature and public key can be used to trigger an infinite loop | moderate |
2024-05-14T15:32:54
(2 months ago) |
|
| Affected | < 1.78 |
CVE-2024-30171
|
MAVEN:GHSA-V435-XC8X-WVR9
|
Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack") | moderate |
2024-05-14T15:32:54
(2 months ago) |
|
| Fixed | = 1.78 |
CVE-2024-30171
|
MAVEN:GHSA-V435-XC8X-WVR9
|
Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack") | moderate |
2024-05-14T15:32:54
(2 months ago) |
|
| Affected | < 1.73 |
CVE-2023-33202
|
MAVEN:GHSA-WJXJ-5M7G-MG7Q
|
Bouncy Castle Denial of Service (DoS) | moderate |
2023-11-23T18:30:33
(8 months ago) |
|
| Fixed | = 1.73 |
CVE-2023-33202
|
MAVEN:GHSA-WJXJ-5M7G-MG7Q
|
Bouncy Castle Denial of Service (DoS) | moderate |
2023-11-23T18:30:33
(8 months ago) |
|
| Affected | < 1.0.3 |
CVE-2017-13098
|
MAVEN:GHSA-WRWF-PMMJ-W989
|
Observable Discrepancy in BouncyCastle | moderate |
2022-05-13T01:14:24
(2 years ago) |
|
| Fixed | = 1.0.3 |
CVE-2017-13098
|
MAVEN:GHSA-WRWF-PMMJ-W989
|
Observable Discrepancy in BouncyCastle | moderate |
2022-05-13T01:14:24
(2 years ago) |