New: Corgea AI Pentesting — autonomous penetration testing in hours, not weeks
maven

org.bouncycastle:bcprov-jdk15

View on maven registry
16 Total advisories
16 Vulnerabilities
0 Malware

Vulnerabilities

MEDIUM 5.1
Maven

CVE-2020-15522

Timing based private key exposure in Bouncy Castle

MEDIUM 5.5
Maven

CVE-2023-33202

Bouncy Castle Denial of Service (DoS)

HIGH 7.4
Maven

CVE-2016-1000344

In Bouncy Castle JCE Provider the DHIES implementation allowed the use of ECB mode

UNKNOWN
Maven

CVE-2015-7940

Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15

HIGH 7.5
Maven

CVE-2016-1000338

In Bouncy Castle JCE Provider it is possible to inject extra elements in the sequence making up the signature and still have it validate

HIGH 7.5
Maven

CVE-2016-1000340

The Bouncy Castle JCE Provider carry a propagation bug

HIGH 7.4
Maven

CVE-2016-1000352

In Bouncy Castle JCE Provider the ECIES implementation allowed the use of ECB mode

LOW 3.7
Maven

CVE-2016-1000346

In Bouncy Castle JCE Provider the other party DH public key is not fully validated

MEDIUM 5.3
Maven

CVE-2016-1000339

Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15

MEDIUM 5.9
Maven

CVE-2016-1000345

Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15

HIGH 7.5
Maven

CVE-2016-1000343

In Bouncy Castle JCE Provider the DSA key pair generator generates a weak private key if used with default values

MEDIUM 5.9
Maven

CVE-2016-1000341

Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15

HIGH 7.5
Maven

CVE-2018-1000180

Bouncy Castle has a flaw in the Low-level interface to RSA key pair generator

HIGH 7.5
Maven

CVE-2016-1000342

In Bouncy Castle JCE Provider ECDSA does not fully validate ASN.1 encoding of signature on verification

MEDIUM 5.3
Maven

CVE-2020-26939

Observable Differences in Behavior to Error Inputs in Bouncy Castle

HIGH 8.1
Maven

CVE-2020-28052

Logic error in Legion of the Bouncy Castle BC Java

Ready to move

Start Securing

Free, no credit card | First findings in minutes