EUVD-2021-1608

Malware in sbrugna...

Security Bulletin: A vulnerability in Bouncy Castle affects IBM Robotic Process Automation which could allow an attacker to obtain sensitive information (CVE-2020-15522).

Summary A vulnerability in Bouncy Castle affects IBM Robotic Process Automation which could allow an attacker to obtain sensitive information. IBM Robotic Process Automation uses Bouncy Castle for encrytion. This bulletin identifies the security fixes to apply to address the vulnerability...

Security Bulletin: A vulnerability in Bouncy Castle affect IBM Watson Machine Learning Accelerator

Summary A vulnerability exists in the Bouncy Castle version used by IBM Watson Machine Learning Accelerator. Bouncy Castle upgrade to version 1.69 which resolves these vulnerabilities, is available on IBM Fix Central. Vulnerability Details CVEID: CVE-2020-15522 DESCRIPTION: Bouncy Castle BC Java,...

Timing based private key exposure in Bouncy Castle

Bouncy Castle BC Java before 1.66, BC C .NET before 1.8.7, BC-FJA before 1.0.2.1, BC before 1.66, BC-FNA before 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of...

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Bouncy Castle BC Java before 1.66, BC C .NET before 1.8.7, BC-FJA before 1.0.1.2, 1.0.2.1, and BC-FNA before 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of multip...

openSUSE 15 Security Update : bouncycastle (openSUSE-SU-2021:2163-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:2163-1 advisory. - Bouncy Castle BC Java before 1.66, BC C .NET before 1.8.7, BC-FJA before 1.0.1.2, 1.0.2.1, and BC-FNA before 1.0.1.1 have a timing issue within th...

OPENSUSE-SU-2021:2163-1 Security update for bouncycastle

This update for bouncycastle fixes the following issues: - CVE-2020-15522: Fixed a timing issue within the EC math library bsc1186328...

Security update for bouncycastle (moderate)

openSUSE Security Update: Security update for bouncycastle Announcement ID: openSUSE-SU-2021:2163-1 Rating: moderate References: 1186328 Cross-References: CVE-2020-15522 CVSS scores: CVE-2020-15522 NVD : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2020-15522 SUSE: 5.9...

OPENSUSE-SU-2021:0940-1 Security update for bouncycastle

This update for bouncycastle fixes the following issues: - CVE-2020-15522: Fixed a timing issue within the EC math library bsc1186328. This update was imported from the SUSE:SLE-15-SP2:Update update project...

SUSE SLED15 / SLES15 Security Update : bouncycastle (SUSE-SU-2021:2163-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2163-1 advisory. - Bouncy Castle BC Java before 1.66, BC C .NET before 1.8.7, BC-FJA before 1.0.1.2, 1.0.2.1, and BC-FNA before 1.0.1.1 have a timing issue with...

SUSE: Security Advisory (SUSE-SU-2021:2163-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2021:2163-1 Security update for bouncycastle

This update for bouncycastle fixes the following issues: - CVE-2020-15522: Fixed a timing issue within the EC math library bsc1186328...

Information Disclosure

bouncycastle is vulnerable to information disclosure. The vulnerability exists due to a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of multiple deterministic ECDSA signatures...

CVE-2020-15522

Bouncy Castle BC Java before 1.66, BC C .NET before 1.8.7, BC-FJA before 1.0.1.2, 1.0.2.1, and BC-FNA before 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of multip...

Information disclosure

Bouncy Castle BC Java before 1.66, BC C .NET before 1.8.7, BC-FJA before 1.0.1.2, 1.0.2.1, and BC-FNA before 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of multip...

CVE-2020-15522

Bouncy Castle BC Java before 1.66, BC C .NET before 1.8.7, BC-FJA before 1.0.1.2, 1.0.2.1, and BC-FNA before 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of multip...

CVE-2020-15522

Bouncy Castle BC Java before 1.66, BC C .NET before 1.8.7, BC-FJA before 1.0.1.2, 1.0.2.1, and BC-FNA before 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of multip...

PT-2020-6924 · Bouncy Castle +1 · Bouncy Castle Bc C# .Net +3

Name of the Vulnerable Software and Affected Versions: Bouncy Castle BC Java versions 1.65 and earlier Bouncy Castle BC C .NET versions 1.8.6 and earlier Bouncy Castle BC-FJA versions 1.0.2.0 and earlier Bouncy Castle BC-FNA versions 1.0.1.0 and earlier Description: The issue is related to a timi...