26 Total advisories
26 Vulnerabilities
0 Malware
Vulnerabilities
UNKNOWN
CVE-2025-14813
Bouncy Castle for Java GOST 28147 CTR mode reuses keystream after 255 blocks
UNKNOWN
CVE-2026-5598
Bouncy Castle Has Covert Timing Channel Vulnerability
UNKNOWN
CVE-2026-0636
Bouncy Castle has an LDAP injection
MEDIUM 5.9
CVE-2024-34447
Bouncy Castle Java Cryptography API vulnerable to DNS poisoning
MEDIUM 5.9
CVE-2024-30171
Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")
MEDIUM 5.3
CVE-2024-29857
Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.
MEDIUM 5.1
CVE-2020-15522
Timing based private key exposure in Bouncy Castle
UNKNOWN
CVE-2025-8885
Bouncy Castle for Java on All (API modules) allows Excessive Allocation
MEDIUM 5.3
CVE-2024-30172
Bouncy Castle crafted signature and public key can be used to trigger an infinite loop
MEDIUM 5.3
CVE-2023-33201
Bouncy Castle For Java LDAP injection vulnerability
MEDIUM 5.5
CVE-2023-33202
Bouncy Castle Denial of Service (DoS)
HIGH 7.4
CVE-2016-1000344
In Bouncy Castle JCE Provider the DHIES implementation allowed the use of ECB mode
UNKNOWN
CVE-2015-7940
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
HIGH 7.5
CVE-2016-1000338
In Bouncy Castle JCE Provider it is possible to inject extra elements in the sequence making up the signature and still have it validate
HIGH 7.5
CVE-2016-1000340
The Bouncy Castle JCE Provider carry a propagation bug
HIGH 7.4
CVE-2016-1000352
In Bouncy Castle JCE Provider the ECIES implementation allowed the use of ECB mode
LOW 3.7
CVE-2016-1000346
In Bouncy Castle JCE Provider the other party DH public key is not fully validated
MEDIUM 5.3
CVE-2016-1000339
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
MEDIUM 5.9
CVE-2016-1000345
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
HIGH 7.5
CVE-2016-1000343
In Bouncy Castle JCE Provider the DSA key pair generator generates a weak private key if used with default values
MEDIUM 5.9
CVE-2016-1000341
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
HIGH 7.5
CVE-2018-1000180
Bouncy Castle has a flaw in the Low-level interface to RSA key pair generator
HIGH 7.5
CVE-2016-1000342
In Bouncy Castle JCE Provider ECDSA does not fully validate ASN.1 encoding of signature on verification
MEDIUM 5.3
CVE-2020-26939
Observable Differences in Behavior to Error Inputs in Bouncy Castle
HIGH 8.1
CVE-2020-28052
Logic error in Legion of the Bouncy Castle BC Java
HIGH 7.5
CVE-2019-17359
Out-of-Memory Error in Bouncy Castle Crypto
Ready to move
Start Securing
Free, no credit card | First findings in minutes