Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bouncycastle vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-30172
An issue exists in Bouncy Castle Java Cryptography APIs prior to 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key.
NA
CVE-2024-29857
An issue exists in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) prior to 1.78, BC Java LTS prior to 2.73.6, BC-FJA prior to 1.0.2.5, and BC C# .Net prior to 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during ...
NA
CVE-2024-34447
An issue exists in Bouncy Castle Java Cryptography APIs before BC 1.78. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname (as happens with HttpsURLConnection), hostname verification could be performed against a DNS-res...
NA
CVE-2023-33202
Bouncy Castle for Java prior to 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a...
Bouncycastle Bouncy Castle For Java
NA
CVE-2023-33201
Bouncy Castle For Java prior to 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the cert...
Bouncycastle Bc-java
NA
CVE-2022-45146
An issue exists in the FIPS Java API of Bouncy Castle BC-FJA prior to 1.0.2.4. Changes to the JVM garbage collector in Java 13 and later trigger an issue in the BC-FJA FIPS modules where it is possible for temporary keys used by the module to be zeroed out while still in use by t...
Bouncycastle Fips Java Api
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3