Skip to main content

Fips Java Api

4 CVEs product

Monthly

CVE-2023-33202 Maven MEDIUM POC PATCH This Month

Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Java OpenSSL Denial Of Service Bouncy Castle For Java Fips Java Api
NVD GitHub
CVSS 3.1
5.5
EPSS
0.9%
CVE-2022-45146 Maven MEDIUM POC PATCH This Month

An issue was discovered in the FIPS Java API of Bouncy Castle BC-FJA before 1.0.2.4. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Java Information Disclosure Use After Free Memory Corruption Fips Java Api
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-26939 Maven MEDIUM PATCH This Month

In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Fips Java Api Legion Of The Bouncy Castle
NVD GitHub
CVSS 3.1
5.3
EPSS
0.9%
CVE-2018-1000180 Maven HIGH PATCH This Week

Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bc Java Fips Java Api Debian Linux Api Gateway +16
NVD GitHub
CVSS 3.0
7.5
EPSS
3.6%
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Java OpenSSL Denial Of Service +2
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

An issue was discovered in the FIPS Java API of Bouncy Castle BC-FJA before 1.0.2.4. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Java Information Disclosure Use After Free +2
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Fips Java Api Legion Of The Bouncy Castle
NVD GitHub
EPSS 4% CVSS 7.5
HIGH PATCH This Week

Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bc Java Fips Java Api +18
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy