Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bouncycastle vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-30172
An issue exists in Bouncy Castle Java Cryptography APIs prior to 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key.
NA
CVE-2024-29857
An issue exists in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) prior to 1.78, BC Java LTS prior to 2.73.6, BC-FJA prior to 1.0.2.5, and BC C# .Net prior to 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during ...
NA
CVE-2024-34447
An issue exists in Bouncy Castle Java Cryptography APIs before BC 1.78. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname (as happens with HttpsURLConnection), hostname verification could be performed against a DNS-res...
NA
CVE-2023-33202
Bouncy Castle for Java prior to 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a...
Bouncycastle Bouncy Castle For Java
NA
CVE-2023-33201
Bouncy Castle For Java prior to 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the cert...
Bouncycastle Bc-java
NA
CVE-2022-45146
An issue exists in the FIPS Java API of Bouncy Castle BC-FJA prior to 1.0.2.4. Changes to the JVM garbage collector in Java 13 and later trigger an issue in the BC-FJA FIPS modules where it is possible for temporary keys used by the module to be zeroed out while still in use by t...
Bouncycastle Fips Java Api
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3