Lucene search
CVE-2016-1000338
In Bouncy Castle JCE Provider version 1.55 and earlier, DSA does not fully validate ASN.1 encoding of signature on verification, allowing injection of extra elements in the signature sequence
Show more
| Reporter | Title | Published | Views | Family All 42 |
|---|---|---|---|---|
 | GHSA-4VHJ-98R6-424H In Bouncy Castle JCE Provider it is possible to inject extra elements in the sequence making up the signature and still have it validate | 17 Oct 201816:23 | – | osv |
| UBUNTU-CVE-2016-1000338 | 1 Jun 201800:00 | – | osv |
| CVE-2016-1000338 | 1 Jun 201820:29 | – | osv |
| DLA-1418-1 bouncycastle - security update | 7 Jul 201800:00 | – | osv |
| USN-3727-1 bouncycastle vulnerabilities | 1 Aug 201814:56 | – | osv |
| MGASA-2018-0376 Updated bouncycastle packages fix security vulnerabilities | 20 Sep 201823:17 | – | osv |
| OPENSUSE-SU-2024:10661-1 bouncycastle-1.68-3.2 on GA media | 15 Jun 202400:00 | – | osv |
| RHSA-2018:2927 Red Hat Security Advisory: Satellite 6.4 security, bug fix, and enhancement update | 30 Sep 202416:25 | – | osv |
 | CVE-2016-1000338 | 1 Jun 201800:00 | – | cvelist |
 | CVE-2016-1000338 | 1 Jun 201800:00 | – | ubuntucve |
10
Node
Node
Node
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo01 Jun 2018 20:29Current
6.5Medium risk
Vulners AI Score6.5
CVSS25
CVSS37.5
EPSS0.00329