New: Corgea AI Pentesting — autonomous penetration testing in hours, not weeks
maven

org.bouncycastle:bcprov-jdk14

View on maven registry
26 Total advisories
26 Vulnerabilities
0 Malware

Vulnerabilities

UNKNOWN
Maven

CVE-2025-14813

Bouncy Castle for Java GOST 28147 CTR mode reuses keystream after 255 blocks

UNKNOWN
Maven

CVE-2026-5598

Bouncy Castle Has Covert Timing Channel Vulnerability

UNKNOWN
Maven

CVE-2026-0636

Bouncy Castle has an LDAP injection

MEDIUM 5.9
Maven

CVE-2024-34447

Bouncy Castle Java Cryptography API vulnerable to DNS poisoning

MEDIUM 5.9
Maven

CVE-2024-30171

Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")

MEDIUM 5.3
Maven

CVE-2024-29857

Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.

MEDIUM 5.1
Maven

CVE-2020-15522

Timing based private key exposure in Bouncy Castle

UNKNOWN
Maven

CVE-2025-8885

Bouncy Castle for Java on All (API modules) allows Excessive Allocation

MEDIUM 5.3
Maven

CVE-2024-30172

Bouncy Castle crafted signature and public key can be used to trigger an infinite loop

MEDIUM 5.3
Maven

CVE-2023-33201

Bouncy Castle For Java LDAP injection vulnerability

MEDIUM 5.5
Maven

CVE-2023-33202

Bouncy Castle Denial of Service (DoS)

HIGH 7.4
Maven

CVE-2016-1000344

In Bouncy Castle JCE Provider the DHIES implementation allowed the use of ECB mode

UNKNOWN
Maven

CVE-2015-7940

Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15

HIGH 7.5
Maven

CVE-2016-1000338

In Bouncy Castle JCE Provider it is possible to inject extra elements in the sequence making up the signature and still have it validate

HIGH 7.5
Maven

CVE-2016-1000340

The Bouncy Castle JCE Provider carry a propagation bug

HIGH 7.4
Maven

CVE-2016-1000352

In Bouncy Castle JCE Provider the ECIES implementation allowed the use of ECB mode

LOW 3.7
Maven

CVE-2016-1000346

In Bouncy Castle JCE Provider the other party DH public key is not fully validated

MEDIUM 5.3
Maven

CVE-2016-1000339

Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15

MEDIUM 5.9
Maven

CVE-2016-1000345

Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15

HIGH 7.5
Maven

CVE-2016-1000343

In Bouncy Castle JCE Provider the DSA key pair generator generates a weak private key if used with default values

MEDIUM 5.9
Maven

CVE-2016-1000341

Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15

HIGH 7.5
Maven

CVE-2018-1000180

Bouncy Castle has a flaw in the Low-level interface to RSA key pair generator

HIGH 7.5
Maven

CVE-2016-1000342

In Bouncy Castle JCE Provider ECDSA does not fully validate ASN.1 encoding of signature on verification

MEDIUM 5.3
Maven

CVE-2020-26939

Observable Differences in Behavior to Error Inputs in Bouncy Castle

HIGH 8.1
Maven

CVE-2020-28052

Logic error in Legion of the Bouncy Castle BC Java

HIGH 7.5
Maven

CVE-2019-17359

Out-of-Memory Error in Bouncy Castle Crypto

Ready to move

Start Securing

Free, no credit card | First findings in minutes