Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:3294
HistoryJan 16, 2017 - 3:22 a.m.

Carry Propagation

2017-01-1603:22:52
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8

0.002 Low

EPSS

Percentile

60.1%

bouncycastle is vulnerable to carry propagation bugs. This bug caused mathematical miscalculations during static Elliptic Curve Diffie Hellman which in rare cases for it to miscalculate elliptic curve scalar multiplication. This allows a malicious user in certain cases to obtain the key.