Vulnerabilities > Bouncycastle

DATE	CVE	VULNERABILITY TITLE	RISK
2017-12-13	CVE-2017-13098	Information Exposure Through Discrepancy vulnerability in Bouncycastle Legion-Of-The-Bouncy-Castle-Java-Crytography-Api BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. network high complexity bouncycastle CWE-203	5.9
2016-04-18	CVE-2016-2427	Information Exposure vulnerability in multiple products The AES-GCM specification in RFC 5084, as used in Android 5.x and 6.x, recommends 12 octets for the aes-ICVlen parameter field, which might make it easier for attackers to defeat a cryptographic protection mechanism and discover an authentication key via a crafted application, aka internal bug 26234568. local low complexity bouncycastle google CWE-200	5.5

Vulnerabilities > Bouncycastle {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Bouncycastle"}]}