Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2016-1000342

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject...

7.5CVSS7.3AI score0.01782EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/14 9:58 p.m.47 views

Security Bulletin: IBM Sterling File Gateway is vulnerable to multiple issues due to Bouncy Castle

Summary IBM Sterliing File Gateway has addressed multiple security vulnerabilities in Bouncy Castle. Vulnerability Details CVEID:CVE-2016-1000343 DESCRIPTION: Bouncy Castle JCE Provider could provide weaker than expected security, caused by a flaw in the DSA key pair generator. A remote attacker...

7.5CVSS6.7AI score0.24282EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/14 4:59 p.m.83 views

Security Bulletin: IBM Security Guardium Big Data Intelligence is affected by a Using Components with Known Vulnerabilities vulnerability

Summary IBM Security Guardium is aware of the following vulnerability Vulnerability Details CVEID: CVE-2016-1000342 DESCRIPTION: Bouncy Castle JCE Provider could provide weaker than expected security, caused by improper validation of ASN.1 encoding of signature in the ECDSA. A remote attacker cou...

9.8CVSS0.5AI score0.24282EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2018/10/17 4:24 p.m.5 views

ae.teletronics.nlp:entityextraction (>=1.3 <=1.4), ai.h2o:h2o-app (>=0.1.22 <=0.1.25) +1040 more potentially affected by CVE-2016-1000342 via org.bouncycastle:bcprov-jdk15 (>=1.38 <=1.46)

org.bouncycastle:bcprov-jdk15 MAVEN version =1.38, =1.3, =0.1.22, =0.1.22, =1.0.0, =2.1.0, =1.0.1, =4.2.0, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.0.3, =1.3.3 and more Source cves: CVE-2016-1000342 Source advisory: OSV:GHSA-QCJ7-G2J5-G7R3...

7.5CVSS7.2AI score0.01782EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2018/10/17 4:24 p.m.6 views

ae.vigilancer.android-run-app:ae.vigilancer.android-run-app.gradle.plugin (>=1.0.1 <=1.0.2), aero.m-click:mcpdf (>=0.2.3 <=0.2.4) +6778 more potentially affected by CVE-2016-1000342 via org.bouncycastle:bcprov-jdk15on (>=1.46 <=1.55)

org.bouncycastle:bcprov-jdk15on MAVEN version =1.46, =1.0.1, =0.2.3, =0.42.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.3 and more Source cves: CVE-2016-1000342 Source advisory: OSV:GHSA-QCJ7-G2J5-G7R3...

7.5CVSS7.1AI score0.01782EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2018/10/17 4:24 p.m.10 views

br.net.woodstock.rockframework:rockframework-core (>=1.2.1 <=1.2.2), com.alanpoi:alanpoi-all (>=1.3.5 <=3.0.0) +64 more potentially affected by CVE-2016-1000342 via org.bouncycastle:bcprov-jdk14 (>=1.38 <=1.55)

org.bouncycastle:bcprov-jdk14 MAVEN version =1.38, =1.2.1, =1.3.5, =1.3.5, =2.0, =1.0, =1.6.1.P24, =1.7, =0.0.1, =1.0, =1.1 - com.github.lkkushan101.RestAssuredPDFReport:com.github.lkkushan101.RestAssuredPDFReport =1.00 - com.github.lkkushan101.appiumlocator:com.github.lkkushan101.appiumlocator...

7.5CVSS7.1AI score0.01782EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2018/09/11 7:53 a.m.132 views

Important: Red Hat Security Advisory: Fuse 7.1 security update

An update is now available for Red Hat Fuse. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

9.8CVSS7.7AI score0.95821EPSS
Exploits7References27
OpenVAS
OpenVAS
added 2018/08/02 12:0 a.m.36 views

Ubuntu: Security Advisory (USN-3727-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.0482EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/07/09 12:0 a.m.45 views

Debian DLA-1418-1 : bouncycastle security update

Several security vulnerabilities were found in Bouncy Castle, a Java implementation of cryptographic algorithms. CVE-2016-1000338 DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have...

7.5CVSS6.3AI score0.03174EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2018/07/09 12:0 a.m.39 views

Debian: Security Advisory (DLA-1418-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.3AI score0.03174EPSS
Exploits0References3
Debian
Debian
added 2018/07/07 1:56 p.m.37 views

[SECURITY] [DLA 1418-1] bouncycastle security update

Package : bouncycastle Version : 1.49+dfsg-3+deb8u3 CVE ID : CVE-2016-1000338 CVE-2016-1000339 CVE-2016-1000341 CVE-2016-1000342 CVE-2016-1000343 CVE-2016-1000345 CVE-2016-1000346 Several security vulnerabilities were found in Bouncy Castle, a Java implementation of cryptographic algorithms...

7.5CVSS7.4AI score0.03174EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/06/15 12:0 a.m.37 views

openSUSE: Security Advisory for bouncycastle (openSUSE-SU-2018:1689-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS6.8AI score0.24282EPSS
Exploits0References2
NVD
NVD
added 2018/06/04 1:29 p.m.21 views

CVE-2016-1000342

In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of...

7.5CVSS6.5AI score0.01782EPSS
Exploits0References7
CVE
CVE
added 2018/06/04 1:0 p.m.158 views

CVE-2016-1000342

CVE-2016-1000342 is associated with Bouncy Castle JCE Provider up to version 1.55 and earlier, where ECDSA does not fully validate ASN.1 encoding of signatures during verification. This can allow injection of extra elements in the signature sequence and may permit the introduction of “invisible” ...

7.5CVSS7.2AI score0.01782EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder