Lucene search
Veracode Vulnerability DatabaseVERACODE:3288HistoryJan 13, 2017 - 10:20 a.m.
Unsafe Encryption Scheme
2017-01-1310:20:52
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.002 Low
EPSS
Percentile
56.5%
bouncycastle unsafely uses an electronic code book (ECB) when using the Diffie-Hellman Integrated Encryption Scheme (DHIES). ECB is known to be unsafe, particularly against replay attacks.
References
access.redhat.com/errata/RHSA-2018:2669
access.redhat.com/errata/RHSA-2018:2927
github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f
security.netapp.com/advisory/ntap-20181127-0004/
vigilance.fr/vulnerability/Bouncy-Castle-multiple-vulnerabilities-21455
www.bouncycastle.org/releasenotes.html
www.oracle.com/security-alerts/cpuoct2020.html
Related
ubuntucve
ubuntucve
CVE-2016-1000344
2018-06-04 00:00:00
prion
prion
Design/Logic Flaw
2018-06-04 21:29:00
nvd
nvd
CVE-2016-1000344
2018-06-04 21:29:00
cve
cve
CVE-2016-1000344
2018-06-04 21:29:00
debiancve
debiancve
CVE-2016-1000344
2018-06-04 21:29:00
cvelist
cvelist
CVE-2016-1000344
2018-06-04 21:00:00
osv
osv
github
github
atlassian
atlassian
Upgrade Bouncy Castle to fix multiple CVEs
2020-02-21 08:37:09
Upgrade Bouncy Castle to fix multiple CVEs
2020-02-21 08:37:09
suse
suse
Security update for bouncycastle (moderate)
2018-06-14 12:07:50
nessus
nessus
openSUSE Security Update : bouncycastle (openSUSE-2018-628)
2018-06-14 00:00:00
RHEL 7 : Satellite Server (RHSA-2018:2927)
2018-10-18 00:00:00
openvas
openvas
openSUSE: Security Advisory for bouncycastle (openSUSE-SU-2018:1689-1)
2018-06-15 00:00:00
Mageia: Security Advisory (MGASA-2018-0376)
2022-01-28 00:00:00
ibm
ibm
mageia
mageia
Updated bouncycastle packages fix security vulnerabilities
2018-09-21 02:17:55
redhat
redhat
(RHSA-2018:2669) Important: Fuse 7.1 security update
2018-09-11 07:52:48
oracle
oracle
Oracle Critical Patch Update Advisory - October 2020
2020-10-20 00:00:00