bouncycastle bouncy castle for java vulnerabilities and exploits

(subscribe to this query)

Bouncy Castle For Java prior to 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the cert...

Bouncycastle Bc-java

The default BKS keystore use an HMAC that is only 16 bits long, which can allow an malicious user to compromise the integrity of a BKS keystore. Bouncy Castle release 1.47 changes the BKS format to a format which uses a 160 bit HMAC instead. This applies to any BKS keystore gener...

Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api Redhat Satellite 6.4 Redhat Satellite Capsule 6.4

The Bouncy Castle Java library prior to 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote malicious users to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve att...

Opensuse Leap 42.1 Opensuse Opensuse 13.1 Opensuse Opensuse 13.2 Bouncycastle Bouncy Castle Crypto Package Oracle Peoplesoft Enterprise Peopletools 8.54 Oracle Virtual Desktop Infrastructure 3.5.2 Oracle Enterprise Manager Ops Center 12.2.2 Oracle Application Testing Suite 12.5.0.2 Oracle Application Testing Suite 12.5.0.1 Oracle Enterprise Manager Ops Center 12.1.4 Oracle Application Testing Suite 12.5.0.3 Oracle Peoplesoft Enterprise Peopletools 8.55

The TLS implementation in the Bouncy Castle Java library prior to 1.48 and C# library prior to 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote malicious users to c...

Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.25 Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.40 Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.43 Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.08 Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.20 Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.17 Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.15 Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.42 Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.32 Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.27 Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.41 Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.14 Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.01 Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.30 Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.21 Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.04 Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.07 Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.19 Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.39 Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.23 Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.02 Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.45

« PREV 1 2

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook