New: Corgea AI Pentesting — autonomous penetration testing in hours, not weeks
maven

org.bouncycastle:bcprov-jdk15on

View on maven registry
24 Total advisories
24 Vulnerabilities
0 Malware

Vulnerabilities

MEDIUM 5.9
Maven

CVE-2024-34447

Bouncy Castle Java Cryptography API vulnerable to DNS poisoning

MEDIUM 5.9
Maven

CVE-2024-30171

Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")

MEDIUM 5.3
Maven

CVE-2024-29857

Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.

MEDIUM 5.1
Maven

CVE-2020-15522

Timing based private key exposure in Bouncy Castle

MEDIUM 5.3
Maven

CVE-2023-33201

Bouncy Castle For Java LDAP injection vulnerability

MEDIUM 5.5
Maven

CVE-2023-33202

Bouncy Castle Denial of Service (DoS)

HIGH 7.4
Maven

CVE-2016-1000344

In Bouncy Castle JCE Provider the DHIES implementation allowed the use of ECB mode

UNKNOWN
Maven

CVE-2015-7940

Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15

HIGH 7.5
Maven

CVE-2016-1000338

In Bouncy Castle JCE Provider it is possible to inject extra elements in the sequence making up the signature and still have it validate

HIGH 7.5
Maven

CVE-2016-1000340

The Bouncy Castle JCE Provider carry a propagation bug

HIGH 7.4
Maven

CVE-2016-1000352

In Bouncy Castle JCE Provider the ECIES implementation allowed the use of ECB mode

LOW 3.7
Maven

CVE-2016-1000346

In Bouncy Castle JCE Provider the other party DH public key is not fully validated

MEDIUM 5.3
Maven

CVE-2016-1000339

Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15

MEDIUM 5.9
Maven

CVE-2016-1000345

Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15

HIGH 7.5
Maven

CVE-2016-1000343

In Bouncy Castle JCE Provider the DSA key pair generator generates a weak private key if used with default values

MEDIUM 5.9
Maven

CVE-2016-1000341

Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15

HIGH 7.5
Maven

CVE-2018-1000180

Bouncy Castle has a flaw in the Low-level interface to RSA key pair generator

HIGH 7.5
Maven

CVE-2016-1000342

In Bouncy Castle JCE Provider ECDSA does not fully validate ASN.1 encoding of signature on verification

MEDIUM 5.3
Maven

CVE-2020-26939

Observable Differences in Behavior to Error Inputs in Bouncy Castle

CRITICAL 9.8
Maven

CVE-2018-1000613

Deserialization of Untrusted Data in Bouncy castle

UNKNOWN
Maven

CVE-2013-1624

Improper Input Validation in Bouncy Castle

HIGH 8.1
Maven

CVE-2020-28052

Logic error in Legion of the Bouncy Castle BC Java

MEDIUM 4.4
Maven

CVE-2018-5382

Improper Validation of Integrity Check Value in Bouncy Castle

MEDIUM 5.9
Maven

CVE-2017-13098

Observable Discrepancy in BouncyCastle

Ready to move

Start Securing

Free, no credit card | First findings in minutes