157 matches found

SUSE CVE
added 2023/02/15 4:53 a.m., 4 views

SUSE CVE-2016-1000342

In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of...

CVSS 7.5, AI score 8, EPSS 0.00471
Exploits 0, References 4

SUSE CVE
added 2023/02/15 4:53 a.m., 1 view

SUSE CVE-2016-1000345

In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode is vulnerable to a padding oracle attack. For BC 1.55 and older, in an environment where timings can be easily observed, it is possible with enough observations to identify when the decryption is failing due to padding...

CVSS 5.9, AI score 7.7, EPSS 0.00802
Exploits 0, References 4

SUSE CVE
added 2023/02/15 4:53 a.m., 2 views

SUSE CVE-2016-1000352

In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider...

CVSS 7.4, AI score 8, EPSS 0.00388
Exploits 0, References 4

RedHat Linux
added 2022/10/25 8:44 a.m., 2 views

JDK: exposure of sensitive information using a combination of flaws and configurations

IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. IBM X-Force ID: 253188...

CVSS 7.5, AI score 7.1, EPSS 0.00059
Exploits 0, References 4

RedHat Linux
added 2022/09/29 3:20 p.m., 3 views

JDK: exposure of sensitive information using a combination of flaws and configurations

IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. IBM X-Force ID: 253188...

CVSS 7.5, AI score 7.1, EPSS 0.00059
Exploits 0, References 4

OSV
added 2022/05/13 1:30 a.m., 1 view

GHSA-PFV2-37F7-9M6W Improper Verification of Cryptographic Signature in Nimbus JOSE+JWT

Nimbus JOSE+JWT before 4.36 proceeds with ECKey construction without ensuring that the public x and y coordinates are on the specified curve, which allows attackers to conduct an Invalid Curve Attack in environments where the JCE provider lacks the applicable curve validation...

CVSS 7.5, AI score 7.2, EPSS 0.00141
Exploits 0, References 6

Github Security Blog
added 2022/05/13 1:14 a.m., 27 views

Observable Discrepancy in BouncyCastle

BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable...

CVSS 7.5, AI score 3.3, EPSS 0.68141
Exploits 0, References 9, Affected Software 1

OSV
added 2022/05/13 1:14 a.m., 30 views

GHSA-WRWF-PMMJ-W989 Observable Discrepancy in BouncyCastle

BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable...

CVSS 5.9, AI score 6.3, EPSS 0.68141
Exploits 0, References 9

Github Security Blog
added 2022/05/01 6:45 p.m., 29 views

Legion of the Bouncy Castle Java Cryptography API Bleichenbacher Oracle Vulnerability

The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes."...

CVSS 10, AI score 6.9, EPSS 0.00856
Exploits 0, References 5, Affected Software 3

OSV
added 2022/05/01 6:45 p.m., 23 views

GHSA-M26P-M559-G5J5 Legion of the Bouncy Castle Java Cryptography API Bleichenbacher Oracle Vulnerability

The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes."...

CVSS 10, AI score 7.2, EPSS 0.00856
Exploits 0, References 5

IBM Security Bulletins
added 2021/09/30 4:09 p.m., 94 views

Security Bulletin: Multiple vulnerabilities in Bouncy Castle Java Cryptography affect IBM Tivoli Business Manager

Summary: Bouncy Castle Java Cryptography is shipped as part of IBM Tivoli Business Manager 6.2.0. Information about security vulnerabilities affecting Bouncy Castle Java Cryptography has been published in a security bulletin. Vulnerability Details: CVEID: CVE-2018-5382. DESCRIPTION: Bouncy Castle...

CVSS 10, AI score 6.7, EPSS 0.01119
Exploits 0, Affected Software 1

Symantec
added 2019/10/07 12:00 a.m., 60 views

Bouncy Castle Java Cryptography APIs CVE-2019-17359 Denial of Service Vulnerability

Description: Bouncy Castle Java Cryptography APIs are prone to a denial-of-service vulnerability. Successful exploitation of this issue will cause excessive resource consumption, resulting in a denial-of-service condition. Bouncy Castle Java Cryptography API 1.63 is vulnerable. Technologies Affect...

CVSS 5, AI score 0.5, EPSS 0.03238
Exploits 0, References 4, Affected Software 7

Ubuntu
added 2019/07/31 12:05 a.m., 277 views

USN-4080-1: OpenJDK 8 vulnerabilities

Keegan Ryan discovered that the ECC implementation in OpenJDK was not sufficiently resilient to side-channel attacks. An attacker could possibly use this to expose sensitive information. (CVE-2019-2745) It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing...

CVSS 5.8, AI score 7.5, EPSS 0.00639
Exploits 3

RedHat Linux
added 2019/07/23 6:20 p.m., 3 views

OpenJDK: Missing array bounds check in crypto providers (JCE, 8223511)

Vulnerability in the Java SE component of Oracle Java SE subcomponent: JCE. The supported version that is affected is Java SE: 8u212. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this...

CVSS 4.3, AI score 7.3, EPSS 0.00598
Exploits 0, References 4

OSV
added 2019/07/23 12:00 a.m., 1 view

UBUNTU-CVE-2019-2842

Vulnerability in the Java SE component of Oracle Java SE subcomponent: JCE. The supported version that is affected is Java SE: 8u212. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this...

CVSS 3.7, AI score 6.7, EPSS 0.00598
Exploits 0, References 5

RedHat Linux
added 2019/07/22 12:41 p.m., 7 views

OpenJDK: Missing array bounds check in crypto providers (JCE, 8223511)

Vulnerability in the Java SE component of Oracle Java SE subcomponent: JCE. The supported version that is affected is Java SE: 8u212. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this...

CVSS 4.3, AI score 7.3, EPSS 0.00598
Exploits 0, References 4

CNVD
added 2019/07/17 12:00 a.m., 2 views

Oracle Java SE Access Control Error Vulnerability (CNVD-2019-26748)

Oracle Java SE is a Java platform from the U.S. company Oracle for developing and deploying Java applications on desktops, servers, embedded devices and real-time environments. An access control error vulnerability exists in the JCE subcomponent of Oracle Java SE version 8u212. An attacker could...

CVSS 4.3, AI score 6.4, EPSS 0.00598
Exploits 0, References 1

OSV
added 2018/10/17 4:27 p.m., 4 views

GHSA-W285-WF9Q-5W69 In Bouncy Castle JCE Provider the ECIES implementation allowed the use of ECB mode

In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider...

CVSS 7.4, AI score 6.9, EPSS 0.00388
Exploits 0, References 8

OSV
added 2018/10/17 4:24 p.m., 0 views

GHSA-R9CH-M4FH-FC7Q Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15

In the Bouncy Castle JCE Provider version 1.55 and earlier DSA signature generation is vulnerable to timing attack. Where timings can be closely observed for the generation of signatures, the lack of blinding in 1.55, or earlier, may allow an attacker to gain information about the signature's k...

CVSS 5.9, AI score 6.8, EPSS 0.00802
Exploits 0, References 10

OSV
added 2018/10/17 4:23 p.m., 1 view

GHSA-R97X-3G8F-GX3M The Bouncy Castle JCE Provider carry a propagation bug

In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propagation bug was introduced in the implementation of squaring for several raw math classes (org.bouncycastle.math.raw.Nat???), which have been fixed. These classes are used by our custom elliptic curve implementations...

CVSS 7.5, AI score 7, EPSS 0.00397
Exploits 0, References 8