Lucene search
K

13 matches found

vulnersOsv
vulnersOsv
added 2021/04/22 4:16 p.m.8 views

ae.vigilancer.android-run-app:ae.vigilancer.android-run-app.gradle.plugin (>=1.0.1 <=1.0.2), aero.m-click:mcpdf (>=0.2.3 <=0.2.4) +13007 more potentially affected by CVE-2020-26939 via org.bouncycastle:bcprov-jdk15on (>=1.46 <=1.60)

org.bouncycastle:bcprov-jdk15on MAVEN version =1.46, =1.0.1, =0.2.3, =0.42.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.3 and more Source cves: CVE-2020-26939 Source advisory: OSV:GHSA-72M5-FVVV-55M6...

5.3CVSS6.7AI score0.00914EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/04/22 4:16 p.m.5 views

br.net.woodstock.rockframework:rockframework-core (>=1.2.1 <=1.2.2), com.alanpoi:alanpoi-all (>=1.3.5 <=3.0.0) +82 more potentially affected by CVE-2020-26939 via org.bouncycastle:bcprov-jdk14 (>=1.38 <=1.60)

org.bouncycastle:bcprov-jdk14 MAVEN version =1.38, =1.2.1, =1.3.5, =1.3.5, =2.0, =1.0, =1.6.1.P24, =1.7, =0.0.1, =1.0, =1.1 - com.github.lkkushan101.RestAssuredPDFReport:com.github.lkkushan101.RestAssuredPDFReport =1.00 - com.github.lkkushan101.appiumlocator:com.github.lkkushan101.appiumlocator...

5.3CVSS6.7AI score0.00914EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/04/22 4:16 p.m.6 views

app.cash.backfila:client-misk (>=0.1.0 <=0.1.4-20221128.2102-bdd85b6), app.cash.backfila:client-misk-dynamodb (>=0.1.3-20210127.1838-76ab4fc <=0.1.4-20210806.0204-5341f38) +521 more potentially affected by CVE-2020-26939 via org.bouncycastle:bcprov-ext-jdk15on (>=1.47 <=1.60)

org.bouncycastle:bcprov-ext-jdk15on MAVEN version =1.47, =0.1.0, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210805.0116-93702c4, =0.1.3-20210805.0116-93702c4, =0.1.0, =0.1.0, =0.1.4-20220614.0152-5ae0eef, =0.0.1, =2.0.0, =2.0.1 and more Source cves: CVE-2020-26939 Source...

5.3CVSS6.7AI score0.00914EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/04/22 4:16 p.m.5 views

cn.regionsoft:ONE (=2.1.1), co.baiku.boot:ajavaer-cache (=0.3.0-RELEASES) +49 more potentially affected by CVE-2020-26939 via org.bouncycastle:bcprov-ext-jdk16 (>=1.45 <=1.46)

org.bouncycastle:bcprov-ext-jdk16 MAVEN version =1.45, =0.0.1-RELEASE, =0.0.1.RELEASE, =0.0.3.RELEASE, =0.0.1.RELEASE, =0.0.1.RELEASE, =0.0.1.RELEASE, =0.0.3.RELEASE, =0.0.1.RELEASE, =0.0.1.RELEASE, =0.0.1.RELEASE, =0.0.1.RELEASE, =0.0.9.RELEASE and more Source cves: CVE-2020-26939 Source advisor...

5.3CVSS6.7AI score0.00914EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/04/22 4:16 p.m.8 views

br.com.swconsultoria:java-cte (>=3.00.4 <=3.00.8), br.com.swconsultoria:java-mdfe (>=3.00.3 <=3.00.4) +1215 more potentially affected by CVE-2020-26939 via org.bouncycastle:bcprov-jdk16 (>=1.38 <=1.46)

org.bouncycastle:bcprov-jdk16 MAVEN version =1.38, =3.00.4, =3.00.3, =4.00.10, =1.0, =2.0, =1.2.4, =2.0.0, =2.1, =2.1, =2.10.0, =2.10.0, =2.11.0 and more Source cves: CVE-2020-26939 Source advisory: OSV:GHSA-72M5-FVVV-55M6...

5.3CVSS6.7AI score0.00914EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/19 2:3 p.m.42 views

Security Bulletin: A vulnerability in Bouncy Castle affects IBM Rational Performance Tester (CVE-2020-26939)

Summary IBM Rational Performance Tester is vulnerable to error inputs in OAEPEncoding, potentially allowing a remote attacker to exploit this vulnerability to obtain sensitive information and use this information to launch further attacks against the affected system. Vulnerability Details CVEID:...

5.3CVSS1.1AI score0.00914EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2020/11/06 12:0 a.m.20 views

Debian: Security Advisory (DLA-2433-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS8.8AI score0.00914EPSS
Exploits0References3
Debian
Debian
added 2020/11/05 10:54 a.m.32 views

[SECURITY] [DLA 2433-1] bouncycastle security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2433-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb November 05, 2020 https://wiki.debian.org/LTS -...

5.3CVSS5.5AI score0.00914EPSS
Exploits0
OSV
OSV
added 2020/11/02 10:15 p.m.10 views

CVE-2020-26939

In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.crypto.encodings.OAEPEncoding. Sending invalid ciphertext tha...

5.3CVSS5AI score0.00914EPSS
Exploits0References2
OSV
OSV
added 2020/11/02 10:15 p.m.3 views

DEBIAN-CVE-2020-26939

In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.crypto.encodings.OAEPEncoding. Sending invalid ciphertext tha...

5.3CVSS6.5AI score0.00914EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2020/11/02 10:15 p.m.37 views

CVE-2020-26939

In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.crypto.encodings.OAEPEncoding. Sending invalid ciphertext tha...

5.3CVSS6.8AI score0.00914EPSS
Exploits0References3
OSV
OSV
added 2020/11/02 10:15 p.m.7 views

UBUNTU-CVE-2020-26939

In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.crypto.encodings.OAEPEncoding. Sending invalid ciphertext tha...

5.3CVSS6.9AI score0.00914EPSS
Exploits0References4
CVE
CVE
added 2020/11/02 10:0 p.m.127 views

CVE-2020-26939

CVE-2020-26939 : Affects Legion of the Bouncy Castle BC (before 1.61) and BC-FJA (before 1.0.1.2). The OAEPEncoding path can leak information about the RSA private exponent when an invalid ciphertext decrypts to a short payload, via early exceptions in the OAEP decoder. Consequence is partial dis...

5.3CVSS5.2AI score0.00914EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder