pkg:Maven/org.bouncycastle:bcprov-jdk15on

All known vulnerabilities

• CRITICAL9.8CVE-2018-1000613Deserialization of Untrusted Data in Bouncy castle
  >= 1.57, < 1.60
• HIGH8.1CVE-2020-28052Logic error in Legion of the Bouncy Castle BC Java
  >= 1.65, < 1.67
• HIGH7.5In Bouncy Castle JCE Provider the DSA key pair generator generates a weak private key if used with default values
  from 0, < 1.56
• HIGH7.5In Bouncy Castle JCE Provider ECDSA does not fully validate ASN.1 encoding of signature on verification
  from 0, < 1.56
• HIGH7.5The Bouncy Castle JCE Provider carry a propagation bug
  >= 1.51, < 1.56
• HIGH7.5bouncycastle - security update
  >= 1.38, < 1.56
• HIGH7.5bouncycastle - security update
  from 0, < 1.60
• HIGH7.4In Bouncy Castle JCE Provider the DHIES implementation allowed the use of ECB mode
  from 0, < 1.56
• HIGH7.4In Bouncy Castle JCE Provider the ECIES implementation allowed the use of ECB mode
  from 0, < 1.56
• MEDIUM5.9Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")
  from 0, < 1.78
• MEDIUM5.9Bouncy Castle Java Cryptography API vulnerable to DNS poisoning
  >= 1.61, < 1.78
• MEDIUM5.9bouncycastle - security update
  from 0, < 1.0.3
• MEDIUM5.9Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
  from 0, < 1.56
• MEDIUM5.9Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
  from 0, < 1.56
• MEDIUM5.5Bouncy Castle Denial of Service (DoS)
  from 0
• MEDIUM5.3Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.
  from 0, < 1.78
• MEDIUM5.3bouncycastle - security update
  >= 1.49, <= 1.70
• MEDIUM5.3bouncycastle - security update
  from 0, < 1.61
• MEDIUM5.3Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
  from 0, < 1.56
• MEDIUM5.1Timing based private key exposure in Bouncy Castle
  from 0, < 1.66
• MEDIUM4.4Improper Validation of Integrity Check Value in Bouncy Castle
  from 0, < 1.50
• LOW3.7In Bouncy Castle JCE Provider the other party DH public key is not fully validated
  from 0, < 1.56
• —Improper Input Validation in Bouncy Castle
  from 0, < 1.48
• —bouncycastle - security update
  from 0, < 1.51