bouncycastle is vulnerable to timing attacks. Due to the lack of blinding, a malicious user can monitor the time taken to generate a signature to gain information about the signatures k value and eventually the private value.
access.redhat.com/errata/RHSA-2018:2669
access.redhat.com/errata/RHSA-2018:2927
github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa#diff-e75226a9ca49217a7276b29242ec59ce
lists.debian.org/debian-lts-announce/2018/07/msg00009.html
security.netapp.com/advisory/ntap-20181127-0004/
usn.ubuntu.com/3727-1/
vigilance.fr/vulnerability/Bouncy-Castle-multiple-vulnerabilities-21455
www.bouncycastle.org/releasenotes.html
www.oracle.com/security-alerts/cpuoct2020.html