Bouncy Castle Legion-of-the-bouncy-castle-java-crytography-api 1.56

CPE Details

Bouncy Castle Legion-of-the-bouncy-castle-java-crytography-api 1.56
bouncycastle
legion-of-the-bouncy-castle-java-crytography-api
1.56
2018-10-15
14h19 +00:00
2018-10-15
14h19 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.56:*:*:*:*:*:*:*

Informations

Vendor

bouncycastle

Product

legion-of-the-bouncy-castle-java-crytography-api

Version

1.56

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2018-1000180 2018-06-05 11h00 +00:00 Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 beta 4 and later, BC-FJA 1.0.2 and later.
7.5
High
CVE-2017-13098 2017-12-13 01h00 +00:00 BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable application. This vulnerability is referred to as "ROBOT."
7.5
High