New: Corgea AI Pentesting — autonomous penetration testing in hours, not weeks
HIGH 7.5 Maven

Bouncy Castle has a flaw in the Low-level interface to RSA key pair generator

GHSA-xqj7-j8j5-f2xr · CVE-2018-1000180

Published · Modified

Description

Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 beta 4 and later, BC-FJA 1.0.2 and later.

References

Ready to move

Start Securing

Free, no credit card | First findings in minutes