CLSA-2026-1777566580 openssl: Fix of CVE-2026-28390

CVE-2026-28390: fix NULL pointer dereference in rsacmsdecrypt when CMS RSA-OAEP pSourceFunc is missing its parameter...

CLSA-2026-1777999127 Fix CVE(s): CVE-2026-28387, CVE-2026-28388, CVE-2026-28389, CVE-2026-28390

SECURITY UPDATE: fix UAF/double-free in DANE client by using X509free for dane-mcert - debian/patches/CVE-2026-28387.patch: fix UAF/double-free in DANE client by using X509free for dane-mcert - CVE-2026-28387 SECURITY UPDATE: NULL check delta-crlnumber before ASN1INTEGERcmp in checkdeltabase -...

CLSA-2026-1777567430 openssl: Fix of CVE-2026-28390

CVE-2026-28390: fix NULL pointer dereference in rsacmsdecrypt when CMS RSA-OAEP pSourceFunc is missing its parameter...

CLSA-2026-1777567181 openssl: Fix of CVE-2026-28390

CVE-2026-28390: fix NULL pointer dereference in rsacmsdecrypt when CMS RSA-OAEP pSourceFunc is missing its parameter...

CLSA-2026-1777397374 Fix CVE(s): CVE-2026-28390

SECURITY UPDATE: A NULL pointer dereference in rsacmsdecrypt when processing CMS messages with RSA-OAEP encryption where pSourceFunc is present but its parameters field is absent can trigger a crash, leading to Denial of Service. - debian/patches/CVE-2026-28390.patch: use X509ALGORget0 and...

EUVD-2022-4466

Malicious code in bioql PyPI...

Legion of the Bouncy Castle Java Cryptography API Bleichenbacher Oracle Vulnerability

The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes."...

GHSA-M26P-M559-G5J5 Legion of the Bouncy Castle Java Cryptography API Bleichenbacher Oracle Vulnerability

The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes."...

Security Bulletin: Multiple vulnerabilities in Bouncy Castle Java Cryptography affect IBM Tivoli Business Manager

Summary Bouncy Castle Java Cryptography is shipped as part of IBM Tivoli Business Manager 6.2.0. Information about security vulnerabilities affecting Bouncy Castle Java Cryptography has been published in a security bulletin. Vulnerability Details CVEID: CVE-2018-5382 DESCRIPTION: Bouncy Castle...

Design/Logic Flaw

The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes."...

DEBIAN-CVE-2007-6721

The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes."...

CVE-2007-6721

CVE-2007-6721 concerns the Legion of the Bouncy Castle Java Cryptography API (used in Crypto Provider Package) up to release 1.38; a Bleichenbacher vulnerability affects simple RSA CMS signatures without signed attributes. The exact impact is described as unknown in some sources, with remote atta...

CVE-2007-6721

The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes."...

PT-2009-1169 · Bouncy Castle · Crypto Provider Package +1

Name of the Vulnerable Software and Affected Versions: Bouncy Castle Java Cryptography API versions prior to 1.38 Crypto Provider Package versions prior to 1.36 Description: The issue is related to a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes, which has...