20 matches found
SUSE CVE-2018-1000180
Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 bet...
Security Bulletin: IBM Sterling File Gateway is vulnerable to multiple issues due to Bouncy Castle
Summary IBM Sterliing File Gateway has addressed multiple security vulnerabilities in Bouncy Castle. Vulnerability Details CVEID:CVE-2016-1000343 DESCRIPTION: Bouncy Castle JCE Provider could provide weaker than expected security, caused by a flaw in the DSA key pair generator. A remote attacker...
Security Bulletin: Bouncy Castle as used by IBM QRadar SIEM contains multiple vulnerabilities (CVE-2018-1000613, CVE-2017-13098, CVE-2018-1000180)
Summary Bouncy Castle as used by IBM QRadar SIEM contains multiple vulnerabilities Vulnerability Details CVEID: CVE-2018-1000613 DESCRIPTION: Legion of the Bouncy Castle Java Cryptography APIs could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe reflection fl...
Oracle WebLogic Server Multiple Vulnerabilities (January 2019 CPU)
The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities: - XML external entity XXE vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read...
Fedora 28 : bouncycastle (2018-ceced55c5e)
Security fixes for CVE-2017-13098 and CVE-2018-1000180 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
br.net.woodstock.rockframework:rockframework-core (>=1.2.1 <=1.2.2), com.alanpoi:alanpoi-all (>=1.3.5 <=3.0.0) +70 more potentially affected by CVE-2018-1000180 via org.bouncycastle:bcprov-jdk14 (>=1.38 <=1.59)
org.bouncycastle:bcprov-jdk14 MAVEN version =1.38, =1.2.1, =1.3.5, =1.3.5, =2.0, =1.0, =1.6.1.P24, =1.7, =0.0.1, =1.0, =1.1 - com.github.lkkushan101.RestAssuredPDFReport:com.github.lkkushan101.RestAssuredPDFReport =1.00 - com.github.lkkushan101.appiumlocator:com.github.lkkushan101.appiumlocator...
openSUSE Security Update : bouncycastle (openSUSE-2018-1043)
This update for bouncycastle fixes the following security issue : - CVE-2018-1000180: Fixed flaw in the Low-level interface to RSA key pair generator. RSA Key Pairs generated in low-level API with added certainty may had less M-R tests than expected bsc1096291. %NASLMINLEVEL 70300 C Tenable Netwo...
openSUSE: Security Advisory for bouncycastle (openSUSE-SU-2018:2820-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for bouncycastle (moderate)
This update for bouncycastle fixes the following security issue: - CVE-2018-1000180: Fixed flaw in the Low-level interface to RSA key pair generator. RSA Key Pairs generated in low-level API with added certainty may had less M-R tests than expected bsc1096291...
Important: Red Hat Security Advisory: Fuse 7.1 security update
An update is now available for Red Hat Fuse. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
RHEL 7 : rhvm-appliance (RHSA-2018:2643)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:2643 advisory. The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is availab...
Fedora Update for bouncycastle FEDORA-2018-e6894349c9
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.1.4 on RHEL7 (RHSA-2018:2424)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2424 advisory. Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.4 on RHEL7 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
Several Security Defects in the Bouncy Castle Crypto APIs
The Legion of the Bouncy Castle reports: Release 1.60 is now available for download. CVE-2018-1000180: issue around primality tests for RSA key pair generation if done using only the low-level API. CVE-2018-1000613: lack of class checking in deserialization of XMSS/XMSS^MT private keys with BDS...
Debian DSA-4233-1 : bouncycastle - security update
It was discovered that the low-level interface to the RSA key pair generator of Bouncy Castle a Java implementation of cryptographic algorithms could perform less Miller-Rabin primality tests than expected. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin we...
Fedora Update for bouncycastle FEDORA-2018-da9fe79871
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for bouncycastle FEDORA-2018-ceced55c5e
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-1000180
A vulnerability was found in BouncyCastle. The number of iterations of the Miller-Rabin primality test was incorrectly calculated according to FIPS 186-4 C.3. Under some circumstances, this could lead to the generation of weak RSA key pairs...
CVE-2018-1000180
Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 bet...