bouncycastle unsafely uses an electronic code book (ECB) when using the Diffie-Hellman Integrated Encryption Scheme (DHIES). ECB is known to be unsafe, particularly against replay attacks.
access.redhat.com/errata/RHSA-2018:2669
access.redhat.com/errata/RHSA-2018:2927
github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f
security.netapp.com/advisory/ntap-20181127-0004/
vigilance.fr/vulnerability/Bouncy-Castle-multiple-vulnerabilities-21455
www.bouncycastle.org/releasenotes.html
www.oracle.com/security-alerts/cpuoct2020.html