Lucene search

Fips Java Api Security Vulnerabilities

cve

CVE-2018-1000180

Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 beta ...

7.5CVSS

7.1AI Score

0.005EPSS

2018-06-05 01:29 PM

153

cve

CVE-2022-45146

An issue was discovered in the FIPS Java API of Bouncy Castle BC-FJA before 1.0.2.4. Changes to the JVM garbage collector in Java 13 and later trigger an issue in the BC-FJA FIPS modules where it is possible for temporary keys used by the module to be zeroed out while still in use by the module, re...

5.5CVSS

5.2AI Score

0.0004EPSS

2022-11-21 10:15 AM

168

cve

CVE-2023-33202

Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafte...

5.5CVSS

5.4AI Score

0.0004EPSS

2023-11-23 04:15 PM