CVE-2022-45146

A flaw was found in the FIPS Java API of Bouncy Castle BC-FJA. Affected versions of this package are vulnerable to Improper Authentication. Changes to the JVM garbage collector in Java 13 and later can trigger an issue in the BC-FJA FIPS modules, where it is possible for temporary keys used by th...

CVE-2023-33202

Bouncy Castle for Java before 1.73 contains a potential Denial of Service DoS issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafte...

GHSA-68M8-V89J-7J2P Garbage collection issue in BC-FJA in Java 13 and later

An issue was discovered in the FIPS Java API of Bouncy Castle BC-FJA before 1.0.2.4. Changes to the JVM garbage collector in Java 13 and later trigger an issue in the BC-FJA FIPS modules where it is possible for temporary keys used by the module to be zeroed out while still in use by the module,...

CVE-2022-45146

An issue was discovered in the FIPS Java API of Bouncy Castle BC-FJA before 1.0.2.4. Changes to the JVM garbage collector in Java 13 and later trigger an issue in the BC-FJA FIPS modules where it is possible for temporary keys used by the module to be zeroed out while still in use by the module,...