3 matches found
SUSE CVE-2022-45146
An issue was discovered in the FIPS Java API of Bouncy Castle BC-FJA before 1.0.2.4. Changes to the JVM garbage collector in Java 13 and later trigger an issue in the BC-FJA FIPS modules where it is possible for temporary keys used by the module to be zeroed out while still in use by the module,...
co.elastic.apm:apm-agent-attach-cli (>=1.26.0 <=1.49.0), com.adobe.documentservices:pdfservices-sdk (>=2.2.2 <=3.5.0) +105 more potentially affected by CVE-2022-45146 via org.bouncycastle:bc-fips (>=1.0.1 <=1.0.2.3)
org.bouncycastle:bc-fips MAVEN version =1.0.1, =1.26.0, =2.2.2, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =3.0.34.RELEASE, =8.0.0, =16.1.0, =1.2.0, =3.1.23, =3.0.0-FINAL, =3.0.0-FINAL, =0.6.0, =0.7.0 - io.github.embedded-middleware:embedded-bookkeeper-core =0.0.1 and more Source cves:...
CVE-2022-45146
An issue was discovered in the FIPS Java API of Bouncy Castle BC-FJA before 1.0.2.4. Changes to the JVM garbage collector in Java 13 and later trigger an issue in the BC-FJA FIPS modules where it is possible for temporary keys used by the module to be zeroed out while still in use by the module,...