Vulnerabilities > Bouncycastle

DATE CVE VULNERABILITY TITLE RISK
2017-12-13 CVE-2017-13098 Information Exposure Through Discrepancy vulnerability in Bouncycastle Legion-Of-The-Bouncy-Castle-Java-Crytography-Api
BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated.
4.3
2016-04-18 CVE-2016-2427 Information Exposure vulnerability in multiple products
The AES-GCM specification in RFC 5084, as used in Android 5.x and 6.x, recommends 12 octets for the aes-ICVlen parameter field, which might make it easier for attackers to defeat a cryptographic protection mechanism and discover an authentication key via a crafted application, aka internal bug 26234568.
local
low complexity
bouncycastle google CWE-200
5.5
2015-11-09 CVE-2015-7940 Information Exposure vulnerability in multiple products
The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack."
network
low complexity
opensuse bouncycastle oracle CWE-200
5.0
2013-02-08 CVE-2013-1624 Cryptographic Issues vulnerability in Bouncycastle products
The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
network
high complexity
bouncycastle CWE-310
4.0
2009-03-30 CVE-2007-6721 Unspecified vulnerability in Bouncycastle products
The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes."
network
low complexity
bouncycastle
critical
10.0