CVE-2023-33201

< 1.74

Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications tha

5.3MEDIUM

CVE-2020-28052

all versions

An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method compa

8.1HIGH

CVE-2019-17359

all versions

The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMe

7.5HIGH

CVE-2018-1000613

>= 1.58 and < 1.60

Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-47

9.8CRITICAL

CVE-2018-1000180

>= 1.54 and <= 1.59

Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair genera

7.5HIGH

CVE-2016-1000352

<= 1.55

In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is rega

7.4HIGH

CVE-2016-1000346

<= 1.55

In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause is

3.7LOW

CVE-2016-1000345

<= 1.55

In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode vulnerable to padding oracle attack. For BC 1.

5.9MEDIUM

CVE-2016-1000344

<= 1.55

In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES implementation allowed the use of ECB mode. This mode is rega

7.4HIGH

CVE-2016-1000343

<= 1.55

In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a weak private key if used with de

7.5HIGH

CVE-2016-1000342

<= 1.55

In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verificati

7.5HIGH

CVE-2016-1000341

<= 1.55

In the Bouncy Castle JCE Provider version 1.55 and earlier DSA signature generation is vulnerable to timing attack. Where timings

5.9MEDIUM

CVE-2016-1000340

>= 1.51 and <= 1.55

In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propagation bug was introduced in the implementation of squaring

7.5HIGH

CVE-2016-1000339

<= 1.55

In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was AESFastEngine. Due to the hig

5.3MEDIUM

CVE-2018-5382

<= 1.49

The default BKS keystore use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS k

4.4MEDIUM

CVE-2017-13098

< 1.59

BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions,

7.5HIGH

CVE-2016-2427

all versions

The AES-GCM specification in RFC 5084, as used in Android 5.x and 6.x, recommends 12 octets for the aes-ICVlen parameter field, wh

5.5MEDIUM

CVE-2013-1624

all versions

The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing s

CVE-2007-6721

<= 1.37

The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unk