Vulnerabilities > Bouncycastle > BC Java > 1.50
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-04 | CVE-2016-1000352 | Cryptographic Issues vulnerability in Bouncycastle Bc-Java In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. | 7.4 |
| 2018-06-04 | CVE-2016-1000346 | Key Management Errors vulnerability in multiple products In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. | 3.7 |
| 2018-06-04 | CVE-2016-1000345 | 7PK - Time and State vulnerability in multiple products In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode vulnerable to padding oracle attack. | 5.9 |
| 2018-06-04 | CVE-2016-1000344 | Cryptographic Issues vulnerability in Bouncycastle Bc-Java In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES implementation allowed the use of ECB mode. | 7.4 |
| 2018-06-04 | CVE-2016-1000343 | Cryptographic Issues vulnerability in multiple products In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a weak private key if used with default values. | 7.5 |
| 2018-06-04 | CVE-2016-1000342 | Improper Verification of Cryptographic Signature vulnerability in multiple products In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. | 7.5 |
| 2018-06-04 | CVE-2016-1000341 | 7PK - Time and State vulnerability in multiple products In the Bouncy Castle JCE Provider version 1.55 and earlier DSA signature generation is vulnerable to timing attack. | 5.9 |
| 2018-06-04 | CVE-2016-1000339 | Cryptographic Issues vulnerability in multiple products In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was AESFastEngine. | 5.3 |