HIGH8.1CVE-2020-28052Logic error in Legion of the Bouncy Castle BC Java >= 1.65, < 1.67
MEDIUM5.9CVE-2024-30171Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack") from 0, < 1.78
MEDIUM5.9CVE-2024-34447Bouncy Castle Java Cryptography API vulnerable to DNS poisoning >= 1.61, < 1.78
MEDIUM5.5Bouncy Castle Denial of Service (DoS)
from 0, < 1.73
MEDIUM5.3Bouncy Castle crafted signature and public key can be used to trigger an infinite loop
>= 1.73, < 1.78
MEDIUM5.3Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.
from 0, < 1.78
MEDIUM5.3bouncycastle - security update
from 0, < 1.74
MEDIUM5.3bouncycastle - security update
from 0, < 1.61
MEDIUM5.1Timing based private key exposure in Bouncy Castle
from 0, < 1.66
—Bouncy Castle Has Covert Timing Channel Vulnerability
>= 1.71, < 1.84
—Bouncy Castle has an LDAP injection
>= 1.74, < 1.84
—Bouncy Castle for Java on All (API modules) allows Excessive Allocation
>= 1.0, < 1.78