Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:3296
HistoryJan 16, 2017 - 4:04 a.m.

Side Channel Leakage

2017-01-1604:04:19
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10

0.003 Low

EPSS

Percentile

71.1%

bouncycastle is vulnerable to side channel leakages. The library uses large static lookup tables in AESFastEngine mode, meaning where data accessed by the CPU can be observed, it is possible for a malicious user to gain information about the key used to initialize the cipher.