1007 matches found
Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Bouncy Castle (CVE-2026-0636,CVE-2026-5598,CVE-2026-5588&CVE-2026-3505)
Summary IBM App Connect Enterprise Toolkit and Runtime are vulnerable to multiple vulnerabilities due to Bouncy Castle. Vulnerability Details CVEID:CVE-2026-0636 DESCRIPTION: Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in Legion of the Bouncy...
Security Bulletin: Multiple vulnerabilities in IBM DevOps Solution Workbench
Summary Multiple vulnerabilities were addressed in IBM DevOps Solution Workbench version 5.2.0 Vulnerability Details CVEID:CVE-2026-40895 DESCRIPTION: follow-redirects is an open source, drop-in replacement for Node's http and https modules that automatically follows redirects. Prior to 1.16.0,...
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Bouncy Castle bcpkix (CVE-2026-5588)
Summary A vulnerability in Bouncy Castle bcpkix that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2026-5588 DESCRIPTION: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules...
Security Bulletin: IBM® Db2® is affected by vulnerabilities in bcprov-jdk18on-1.82 and bcpkix-jdk18on-1.82.
Summary IBM® Db2® is affected by vulnerabilities in bcprov-jdk18on-1.82 and bcpkix-jdk18on-1.82 Vulnerability Details CVEID:CVE-2025-14813 DESCRIPTION: : Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all core modules. This...
Security Bulletin: SPSS Collaboration and Deployment Services is affected by Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc
Summary SPSS Collaboration and Deployment Services is affected by Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2026-3505 DESCRIPTION: Allocation of resources without limits o...
ROOT-APP-MAVEN-CVE-2026-0636 CVE-2026-0636 in io.root.org.bouncycastle:bcprov-jdk18on - Patched by Root
Root has patched CVE-2026-0636 in the io.root.org.bouncycastle:bcprov-jdk18on package for Root:Maven. Multiple fixed versions available...
Security Bulletin: Multiple Security Vulnerabilities in third-Party libraries used by IBM Tivoli Netcool Configuration Manager
Summary Multiple vulnerabilities in the third-party Bouncy Castle libraries used by IBM Tivoli Netcool Configuration Manager have been addressed. Vulnerability Details CVEID:CVE-2026-5588 DESCRIPTION: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle In...
Astra Linux – Vulnerability in Bouncycastle
Bouncy Castle for Java before version 1.73 contains a potential Denial of Service DoS issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM-encoded streams containing X.509 certificates, PKCS8-encoded keys, and PKCS7 objects. Parsing a file that...
Security Bulletin: IBM ApplinX is vulnerable to multiple vulnerabilities due to the use of Bouncy Castle library (CVE-2023-33202, CVE-2025-8916, CVE-2026-5588, CVE-2025-14813, CVE-2026-5598, CVE-2026-0636)
Summary IBM ApplinX is vulnerable to an Uncontrolled Resource Consumption vulnerability, an Allocation of Resources Without Limits or Throttling vulnerability, a Use of a Broken or Risky Cryptographic Algorithm, a Covert Timing Channel vulnerability and an Improper Neutralization of Special...
PT-2026-50568
Name of the Vulnerable Software and Affected Versions Steeltoe.Configuration.Encryption versions 4.0.0 through 4.1.0 Description Steeltoe is an open source project providing libraries for building cloud-native applications. An issue exists where configuring the encrypt:rsa:algorithm variable with...
Security Bulletin: Multiple vulnerabilities in IBM Tivoli Network Manager IP Edition
Summary Multiple vulnerabilities were addressed in IBM Tivoli Network Manager IP Edition 4.2.0.24 IFix 1 Vulnerability Details CVEID:CVE-2025-11143 DESCRIPTION: The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differential parsing of...
Security Bulletin: IBM Technical Support Appliance is affected by a timing channel vulnerability in Bouncy Castle BC-JAVA
Summary IBM Technical Support Appliance TSA includes a vulnerable version of the Bouncy Castle BC-JAVA library bcprov-jdk18on-1.78.1.jar. A flaw in the FrodoEngine component may expose information through a covert timing channel, potentially affecting the confidentiality of cryptographic operatio...
Security Bulletin: Multiple vulnerabilities in IBM Rational Developer for i (CVE-2026-3505, CVE-2025-14813, CVE-2026-0636, CVE-2026-5598, CVE-2026-33671, CVE-2026-33672, CVE-2026-5588, CVE-2026-40175)
Summary IBM Rational Developer for i is affected by an uncontrolled resource consumption vulnerability in Bcpg CVE-2026-3505, a broken or risky cryptographic vulnerability in Bcprov CVE-2025-14813, an LDAP injection vulnerability in Bcprov CVE-2026-0636, a covert timing channel vulnerability in...
Security Bulletin: IBM Technical Support Appliance is affected by an LDAP Injection Vulnerability in Bouncy Castle BC-JAVA
Summary IBM Technical Support Appliance TSA includes a vulnerable version of the Bouncy Castle BC-JAVA provider library bcprov-jdk18on-1.78.1.jar. A flaw in the BC-JAVA LDAP certificate store implementation LDAPStoreHelper could allow improper neutralization of special elements used in LDAP...
Amazon Linux 2023 : bouncycastle, bouncycastle-javadoc, bouncycastle-mail (ALAS2023-2026-1775)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1775 advisory. Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules. PKIX draft CompositeVerifier accepts empty signature sequence as...
Medium: bouncycastle
Issue Overview: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules. PKIX draft CompositeVerifier accepts empty signature sequence as valid. This issue affects BC-JAVA: from 1.49 before 1.84. CVE-2026-5588 Affected...
Security Bulletin: Due to use of bcpkix-jdk18on-1.81.jar, IBM Sterling Connect:Direct Web Services is affected by Use of a Broken or Risky Cryptographic Algorithm vulnerability.
Summary bcpkix-jdk18on-1.81.jar is used by IBM Sterling Connect:Direct Web Services CVE-2026-5588. Vulnerability Details CVEID:CVE-2026-5588 DESCRIPTION: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules, Legion o...
Security Bulletin: There is a vulnerability in bcprov-jdk18on-1.81.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-0636)
Summary There is a vulnerability in bcprov-jdk18on-1.81.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-0636 DESCRIPTION: Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in Legion of t...
Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to an issue in Bouncy Castle
Summary There is a vulnerability in Bouncy Castle used by IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVE CVE-2026-5588. Vulnerability Details CVEID:CVE-2026-5588 DESCRIPTION: Use of a Broken or Risky...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in Bouncy Castle bcprov-jdk (CVE-2025-14813, CVE-2026-5598)
Summary IBM Sterling Control Center is affected by vulnerabilities CVE-2025-14813, CVE-2026-5598 reported for bcprov-jdk18on-1.81.jar. Vulnerability Details CVEID:CVE-2025-14813 DESCRIPTION: : Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JA...