org.bouncycastle:bcprov-ext-jdk16
Maven4 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting org.bouncycastle:bcprov-ext-jdk16page 1 of 1
- CVE-2020-15522MEDIUMCVSS 5.9EG 5.9✓ Fixed in 1.662021-05-20
vulnerable: 1.45, 1.46
Bouncy Castle BC Java before 1.66, BC C# .NET before 1.8.7, BC-FJA before 1.0.1.2, 1.0.2.1, and BC-FNA before 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able…
- CVE-2020-26939MEDIUMCVSS 5.3EG 5.3✓ Fixed in 1.612020-11-02
vulnerable: 1.45, 1.46
In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.cry…
- CVE-2020-28052HIGHCVSS 8.1EG 8.1✓ Fixed in 1.672020-12-18
An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password, allowing incorrect passwords to indicate they were matching wi…
- CVE-2023-33202MEDIUMCVSS 5.5EG 5.5✓ Fixed in 1.732023-11-23
vulnerable: 1.45, 1.46
Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 enc…
Check whether org.bouncycastle:bcprov-ext-jdk16 is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.bouncycastle:bcprov-ext-jdk16 CVEs against the assets you own.
Start Free Scan →