Lucene search
K

6 matches found

Github Security Blog
Github Security Blog
added 2021/08/13 3:22 p.m.153 views

Timing based private key exposure in Bouncy Castle

Bouncy Castle BC Java before 1.66, BC C .NET before 1.8.7, BC-FJA before 1.0.2.1, BC before 1.66, BC-FNA before 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of...

5.9CVSS1.5AI score0.01522EPSS
Exploits0References6Affected Software9
GitLab Advisory Database
GitLab Advisory Database
added 2021/08/13 12:0 a.m.42 views

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Bouncy Castle BC Java before 1.66, BC C .NET before 1.8.7, BC-FJA before 1.0.1.2, 1.0.2.1, and BC-FNA before 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of multip...

5.9CVSS6.7AI score0.01522EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/07/16 12:0 a.m.37 views

openSUSE 15 Security Update : bouncycastle (openSUSE-SU-2021:2163-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:2163-1 advisory. - Bouncy Castle BC Java before 1.66, BC C .NET before 1.8.7, BC-FJA before 1.0.1.2, 1.0.2.1, and BC-FNA before 1.0.1.1 have a timing issue within th...

5.9CVSS6.7AI score0.01522EPSS
Exploits0References4
NVD
NVD
added 2021/05/20 12:15 p.m.28 views

CVE-2020-15522

Bouncy Castle BC Java before 1.66, BC C .NET before 1.8.7, BC-FJA before 1.0.1.2, 1.0.2.1, and BC-FNA before 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of multip...

5.9CVSS0.01522EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2021/05/20 12:15 p.m.45 views

CVE-2020-15522

Bouncy Castle BC Java before 1.66, BC C .NET before 1.8.7, BC-FJA before 1.0.1.2, 1.0.2.1, and BC-FNA before 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of multip...

5.9CVSS6.8AI score0.01522EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2020/07/04 12:0 a.m.41 views

The Bouncy Castle Crypto APIs -- EC math vulnerability

The Bouncy Castle team reports:: Bouncy Castle BC Java before 1.66 has a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of multiple deterministic ECDSA signatures...

5.9CVSS1.6AI score0.01522EPSS
Exploits0References1
Rows per page
Query Builder