Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/14092?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/14092?format=api", "purl": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56", "type": "maven", "namespace": "org.bouncycastle", "name": "bcprov-jdk15on", "version": "1.56", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/207928?format=api", "vulnerability_id": "VCID-1k14-mrhy-a7bv", "summary": "In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.crypto.encodings.OAEPEncoding. Sending invalid ciphertext that decrypts to a short payload in the OAEP Decoder could result in the throwing of an early exception, potentially leaking some information about the private exponent of the RSA private key performing the encryption.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26939", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02437", "scoring_system": "epss", "scoring_elements": "0.85495", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02437", "scoring_system": "epss", "scoring_elements": "0.85546", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.02437", "scoring_system": "epss", "scoring_elements": "0.85556", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.02437", "scoring_system": "epss", "scoring_elements": "0.85548", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26939" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/930f8b274c4f1f3a46e68b5441f1e7fadb57e8c1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/930f8b274c4f1f3a46e68b5441f1e7fadb57e8c1" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE-2020-26939", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE-2020-26939" }, { "reference_url": "https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e@%3Cissues.solr.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e@%3Cissues.solr.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e%40%3Cissues.solr.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e%40%3Cissues.solr.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00007.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00007.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26939", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26939" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20201202-0005", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20201202-0005" }, { "reference_url": "https://github.com/advisories/GHSA-72m5-fvvv-55m6", "reference_id": "GHSA-72m5-fvvv-55m6", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-72m5-fvvv-55m6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/30882?format=api", "purl": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.61", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3j3f-cc7a-qubd" }, { "vulnerability": "VCID-bmbd-7t3k-3kga" }, { "vulnerability": "VCID-e5f5-vgc9-2kez" }, { "vulnerability": "VCID-tw4p-n1bp-fbhf" }, { "vulnerability": "VCID-xu8s-qbh8-mybs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcprov-jdk15on@1.61" } ], "aliases": [ "CVE-2020-26939", "GHSA-72m5-fvvv-55m6" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1k14-mrhy-a7bv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7873?format=api", "vulnerability_id": "VCID-3j3f-cc7a-qubd", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15522.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15522.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15522", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.61435", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.61331", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.61439", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.61443", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15522" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15522", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15522" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/bcgit/bc-csharp/wiki/CVE-2020-15522", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-csharp/wiki/CVE-2020-15522" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE-2020-15522", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE-2020-15522" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210622-0007", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210622-0007" }, { "reference_url": "https://www.bouncycastle.org/releasenotes.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.bouncycastle.org/releasenotes.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962879", "reference_id": "1962879", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962879" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15522", "reference_id": "CVE-2020-15522", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15522" }, { "reference_url": "https://github.com/advisories/GHSA-6xx3-rg99-gc3p", "reference_id": "GHSA-6xx3-rg99-gc3p", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6xx3-rg99-gc3p" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1401", "reference_id": "RHSA-2021:1401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1401" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2755", "reference_id": "RHSA-2021:2755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5134", "reference_id": "RHSA-2021:5134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1013", "reference_id": "RHSA-2022:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1029", "reference_id": "RHSA-2022:1029", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1029" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/382914?format=api", "purl": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.66", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bmbd-7t3k-3kga" }, { "vulnerability": "VCID-e5f5-vgc9-2kez" }, { "vulnerability": "VCID-tw4p-n1bp-fbhf" }, { "vulnerability": "VCID-xu8s-qbh8-mybs" }, { "vulnerability": "VCID-zn9c-78fe-qkfn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcprov-jdk15on@1.66" } ], "aliases": [ "CVE-2020-15522", "GHSA-6xx3-rg99-gc3p" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3j3f-cc7a-qubd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4315?format=api", "vulnerability_id": "VCID-87wj-jnpf-9ufx", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2423", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2424", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2424" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2425", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2425" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2428", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2643", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2643" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0877", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:0877" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000180.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000180.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000180", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54585", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54709", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54725", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000180" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000180", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000180" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/22467b6e8fe19717ecdf201c0cf91bacf04a55ad", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/22467b6e8fe19717ecdf201c0cf91bacf04a55ad" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/73780ac522b7795fc165630aba8d5f5729acc839", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/73780ac522b7795fc165630aba8d5f5729acc839" }, { "reference_url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190204-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190204-0003" }, { "reference_url": "https://www.bountysource.com/issues/58293083-rsa-key-generation-computation-of-iterations-for-mr-primality-test", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.bountysource.com/issues/58293083-rsa-key-generation-computation-of-iterations-for-mr-primality-test" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4233", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2018/dsa-4233" }, { "reference_url": "http://www.securityfocus.com/bid/106567", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/106567" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588306", "reference_id": "1588306", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588306" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900843", "reference_id": "900843", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900843" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE-2018-1000180", "reference_id": "CVE-2018-1000180", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE-2018-1000180" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000180", "reference_id": "CVE-2018-1000180", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000180" }, { "reference_url": "https://github.com/advisories/GHSA-xqj7-j8j5-f2xr", "reference_id": "GHSA-xqj7-j8j5-f2xr", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xqj7-j8j5-f2xr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/13798?format=api", "purl": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.60", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k14-mrhy-a7bv" }, { "vulnerability": "VCID-3j3f-cc7a-qubd" }, { "vulnerability": "VCID-e5f5-vgc9-2kez" }, { "vulnerability": "VCID-tw4p-n1bp-fbhf" }, { "vulnerability": "VCID-xu8s-qbh8-mybs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcprov-jdk15on@1.60" } ], "aliases": [ "CVE-2018-1000180", "GHSA-xqj7-j8j5-f2xr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-87wj-jnpf-9ufx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15524?format=api", "vulnerability_id": "VCID-e5f5-vgc9-2kez", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33201.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33201.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-33201", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55956", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.56078", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.56092", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.56077", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-33201" }, { "reference_url": "https://bouncycastle.org/releasenotes.html#r1rv74", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bouncycastle.org/releasenotes.html#r1rv74" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33201", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33201" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/ccf93ca736b89250ff4ce079a5aa56f5cbf0ebbd", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/ccf93ca736b89250ff4ce079a5aa56f5cbf0ebbd" }, { "reference_url": "https://github.com/bcgit/bc-java/commits/main/prov/src/main/java/org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commits/main/prov/src/main/java/org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33201" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230824-0008", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20230824-0008" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040050", "reference_id": "1040050", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040050" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", "reference_id": "2215465", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215465" }, { "reference_url": "https://bouncycastle.org", "reference_id": "bouncycastle.org", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:47:56Z/" } ], "url": "https://bouncycastle.org" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", "reference_id": "CVE-2023-33201", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:47:56Z/" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/e8c409a8389c815ea3fda5e8b94c92fdfe583bcc", "reference_id": "e8c409a8389c815ea3fda5e8b94c92fdfe583bcc", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:47:56Z/" } ], "url": "https://github.com/bcgit/bc-java/commit/e8c409a8389c815ea3fda5e8b94c92fdfe583bcc" }, { "reference_url": "https://github.com/advisories/GHSA-hr8g-6v94-x4m9", "reference_id": "GHSA-hr8g-6v94-x4m9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hr8g-6v94-x4m9" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:47:56Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00000.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230824-0008/", "reference_id": "ntap-20230824-0008", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:47:56Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230824-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3954", "reference_id": "RHSA-2023:3954", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3954" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5147", "reference_id": "RHSA-2023:5147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5165", "reference_id": "RHSA-2023:5165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5484", "reference_id": "RHSA-2023:5484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5485", "reference_id": "RHSA-2023:5485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5486", "reference_id": "RHSA-2023:5486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5488", "reference_id": "RHSA-2023:5488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7482", "reference_id": "RHSA-2023:7482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7482" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7483", "reference_id": "RHSA-2023:7483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7484", "reference_id": "RHSA-2023:7484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7486", "reference_id": "RHSA-2023:7486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7488", "reference_id": "RHSA-2023:7488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7669", "reference_id": "RHSA-2023:7669", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7678", "reference_id": "RHSA-2023:7678", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7678" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0278", "reference_id": "RHSA-2024:0278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1353", "reference_id": "RHSA-2024:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3527", "reference_id": "RHSA-2024:3527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3527" }, { "reference_url": "https://usn.ubuntu.com/8108-1/", "reference_id": "USN-8108-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8108-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2023-33201", "GHSA-hr8g-6v94-x4m9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e5f5-vgc9-2kez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19011?format=api", "vulnerability_id": "VCID-tw4p-n1bp-fbhf", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30171.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30171.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-30171", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33699", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33874", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33899", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33877", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-30171" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30171", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30171" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/bcgit/bc-csharp/commit/c984b8bfd8544dfc55dba91a02cbbbb9c580c217", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-csharp/commit/c984b8bfd8544dfc55dba91a02cbbbb9c580c217" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/d7d5e735abd64bf0f413f54fd9e495fc02400fb0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/d7d5e735abd64bf0f413f54fd9e495fc02400fb0" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/e0569dcb1dea9d421d84fc4c5c5688fe101afa2d", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/e0569dcb1dea9d421d84fc4c5c5688fe101afa2d" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240614-0008", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240614-0008" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655", "reference_id": "1070655", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276360", "reference_id": "2276360", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276360" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30171", "reference_id": "CVE-2024-30171", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30171" }, { "reference_url": "https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030171", "reference_id": "CVE%E2%80%902024%E2%80%9030171", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:18:15Z/" } ], "url": "https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030171" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030171", "reference_id": "CVE%E2%80%902024%E2%80%9030171", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:18:15Z/" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030171" }, { "reference_url": "https://github.com/advisories/GHSA-v435-xc8x-wvr9", "reference_id": "GHSA-v435-xc8x-wvr9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v435-xc8x-wvr9" }, { "reference_url": "https://www.bouncycastle.org/latest_releases.html", "reference_id": "latest_releases.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:18:15Z/" } ], "url": "https://www.bouncycastle.org/latest_releases.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240614-0008/", "reference_id": "ntap-20240614-0008", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:18:15Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240614-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4173", "reference_id": "RHSA-2024:4173", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4173" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4271", "reference_id": "RHSA-2024:4271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4326", "reference_id": "RHSA-2024:4326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4505", "reference_id": "RHSA-2024:4505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4884", "reference_id": "RHSA-2024:4884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5143", "reference_id": "RHSA-2024:5143", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5143" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5144", "reference_id": "RHSA-2024:5144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5145", "reference_id": "RHSA-2024:5145", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5145" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5147", "reference_id": "RHSA-2024:5147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5479", "reference_id": "RHSA-2024:5479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5481", "reference_id": "RHSA-2024:5481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5482", "reference_id": "RHSA-2024:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5482" }, { "reference_url": "https://usn.ubuntu.com/8108-1/", "reference_id": "USN-8108-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8108-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/30883?format=api", "purl": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.78", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcprov-jdk15on@1.78" } ], "aliases": [ "CVE-2024-30171", "GHSA-v435-xc8x-wvr9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tw4p-n1bp-fbhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19005?format=api", "vulnerability_id": "VCID-xu8s-qbh8-mybs", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29857.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29857.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-29857", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48788", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48927", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48942", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48924", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-29857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29857" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/bcgit/bc-csharp/commit/56daa6eac526f165416d17f661422d60de0dfd63", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-csharp/commit/56daa6eac526f165416d17f661422d60de0dfd63" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/efc498ca4caa340ac2fe11f2efee06c1a294501f", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/efc498ca4caa340ac2fe11f2efee06c1a294501f" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/fee80dd230e7fba132d03a34f1dd1d6aae0d0281", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/fee80dd230e7fba132d03a34f1dd1d6aae0d0281" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20241206-0008", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20241206-0008" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655", "reference_id": "1070655", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293028", "reference_id": "2293028", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293028" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29857", "reference_id": "CVE-2024-29857", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29857" }, { "reference_url": "https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857", "reference_id": "CVE%E2%80%902024%E2%80%9029857", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T19:32:50Z/" } ], "url": "https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857", "reference_id": "CVE%E2%80%902024%E2%80%9029857", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T19:32:50Z/" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857" }, { "reference_url": "https://github.com/advisories/GHSA-8xfc-gm6g-vgpv", "reference_id": "GHSA-8xfc-gm6g-vgpv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8xfc-gm6g-vgpv" }, { "reference_url": "https://www.bouncycastle.org/latest_releases.html", "reference_id": "latest_releases.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T19:32:50Z/" } ], "url": "https://www.bouncycastle.org/latest_releases.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4271", "reference_id": "RHSA-2024:4271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4326", "reference_id": "RHSA-2024:4326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4505", "reference_id": "RHSA-2024:4505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4884", "reference_id": "RHSA-2024:4884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5143", "reference_id": "RHSA-2024:5143", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5143" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5144", "reference_id": "RHSA-2024:5144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5145", "reference_id": "RHSA-2024:5145", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5145" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5147", "reference_id": "RHSA-2024:5147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5479", "reference_id": "RHSA-2024:5479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5481", "reference_id": "RHSA-2024:5481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5482", "reference_id": "RHSA-2024:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5482" }, { "reference_url": "https://usn.ubuntu.com/8108-1/", "reference_id": "USN-8108-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8108-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/30883?format=api", "purl": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.78", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcprov-jdk15on@1.78" } ], "aliases": [ "CVE-2024-29857", "GHSA-8xfc-gm6g-vgpv" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xu8s-qbh8-mybs" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30699?format=api", "vulnerability_id": "VCID-4519-tx3c-5ua6", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000342.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000342.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000342", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.65163", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.65165", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.65155", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.65054", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000342", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000342" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647#diff-25c3c78db788365f36839b3f2d3016b9", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647#diff-25c3c78db788365f36839b3f2d3016b9" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20181127-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20181127-0004" }, { "reference_url": "https://usn.ubuntu.com/3727-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3727-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588715", "reference_id": "1588715", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588715" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000342", "reference_id": "CVE-2016-1000342", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000342" }, { "reference_url": "https://github.com/advisories/GHSA-qcj7-g2j5-g7r3", "reference_id": "GHSA-qcj7-g2j5-g7r3", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qcj7-g2j5-g7r3" }, { "reference_url": "https://usn.ubuntu.com/3727-1/", "reference_id": "USN-3727-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3727-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14092?format=api", "purl": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k14-mrhy-a7bv" }, { "vulnerability": "VCID-3j3f-cc7a-qubd" }, { "vulnerability": "VCID-87wj-jnpf-9ufx" }, { "vulnerability": "VCID-e5f5-vgc9-2kez" }, { "vulnerability": "VCID-tw4p-n1bp-fbhf" }, { "vulnerability": "VCID-xu8s-qbh8-mybs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56" } ], "aliases": [ "CVE-2016-1000342", "GHSA-qcj7-g2j5-g7r3" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4519-tx3c-5ua6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30259?format=api", "vulnerability_id": "VCID-9336-ev6n-5qbp", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000343.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000343.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000343", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01074", "scoring_system": "epss", "scoring_elements": "0.78262", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01074", "scoring_system": "epss", "scoring_elements": "0.78185", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01074", "scoring_system": "epss", "scoring_elements": "0.78252", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01074", "scoring_system": "epss", "scoring_elements": "0.78266", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000343", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000343" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/50a53068c094d6cff37659da33c9b4505becd389", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/50a53068c094d6cff37659da33c9b4505becd389" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/50a53068c094d6cff37659da33c9b4505becd389#diff-5578e61500abb2b87b300d3114bdfd7d", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/50a53068c094d6cff37659da33c9b4505becd389#diff-5578e61500abb2b87b300d3114bdfd7d" }, { "reference_url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20181127-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20181127-0004" }, { "reference_url": "https://usn.ubuntu.com/3727-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3727-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588721", "reference_id": "1588721", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588721" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000343", "reference_id": "CVE-2016-1000343", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000343" }, { "reference_url": "https://github.com/advisories/GHSA-rrvx-pwf8-p59p", "reference_id": "GHSA-rrvx-pwf8-p59p", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rrvx-pwf8-p59p" }, { "reference_url": "https://usn.ubuntu.com/3727-1/", "reference_id": "USN-3727-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3727-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14092?format=api", "purl": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k14-mrhy-a7bv" }, { "vulnerability": "VCID-3j3f-cc7a-qubd" }, { "vulnerability": "VCID-87wj-jnpf-9ufx" }, { "vulnerability": "VCID-e5f5-vgc9-2kez" }, { "vulnerability": "VCID-tw4p-n1bp-fbhf" }, { "vulnerability": "VCID-xu8s-qbh8-mybs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56" } ], "aliases": [ "CVE-2016-1000343", "GHSA-rrvx-pwf8-p59p" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9336-ev6n-5qbp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30482?format=api", "vulnerability_id": "VCID-bbmu-axx2-h7bb", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000346.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000346.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000346", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76931", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.77004", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.77011", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.77018", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000346" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/1127131c89021612c6eefa26dbe5714c194e7495", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/1127131c89021612c6eefa26dbe5714c194e7495" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/1127131c89021612c6eefa26dbe5714c194e7495#diff-d525a20b8acaed791ae2f0f770eb5937", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/1127131c89021612c6eefa26dbe5714c194e7495#diff-d525a20b8acaed791ae2f0f770eb5937" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20181127-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20181127-0004" }, { "reference_url": "https://usn.ubuntu.com/3727-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3727-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588327", "reference_id": "1588327", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588327" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000346", "reference_id": "CVE-2016-1000346", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000346" }, { "reference_url": "https://github.com/advisories/GHSA-fjqm-246c-mwqg", "reference_id": "GHSA-fjqm-246c-mwqg", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fjqm-246c-mwqg" }, { "reference_url": "https://usn.ubuntu.com/3727-1/", "reference_id": "USN-3727-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3727-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14092?format=api", "purl": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k14-mrhy-a7bv" }, { "vulnerability": "VCID-3j3f-cc7a-qubd" }, { "vulnerability": "VCID-87wj-jnpf-9ufx" }, { "vulnerability": "VCID-e5f5-vgc9-2kez" }, { "vulnerability": "VCID-tw4p-n1bp-fbhf" }, { "vulnerability": "VCID-xu8s-qbh8-mybs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56" } ], "aliases": [ "CVE-2016-1000346", "GHSA-fjqm-246c-mwqg" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bbmu-axx2-h7bb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30612?format=api", "vulnerability_id": "VCID-cu7x-zauj-7beq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000339.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000339.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000339", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01119", "scoring_system": "epss", "scoring_elements": "0.78724", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01119", "scoring_system": "epss", "scoring_elements": "0.78646", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01119", "scoring_system": "epss", "scoring_elements": "0.78712", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01119", "scoring_system": "epss", "scoring_elements": "0.78728", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000339" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000339", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000339" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/413b42f4d770456508585c830cfcde95f9b0e93b", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/413b42f4d770456508585c830cfcde95f9b0e93b" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/413b42f4d770456508585c830cfcde95f9b0e93b#diff-54656f860db94b867ba7542430cd2ef0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/413b42f4d770456508585c830cfcde95f9b0e93b#diff-54656f860db94b867ba7542430cd2ef0" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/8a73f08931450c17c749af067b6a8185abdfd2c0#diff-494fb066bed02aeb76b6c005632943f2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/8a73f08931450c17c749af067b6a8185abdfd2c0#diff-494fb066bed02aeb76b6c005632943f2" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20181127-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20181127-0004" }, { "reference_url": "https://usn.ubuntu.com/3727-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3727-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588695", "reference_id": "1588695", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588695" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000339", "reference_id": "CVE-2016-1000339", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000339" }, { "reference_url": "https://github.com/advisories/GHSA-c8xf-m4ff-jcxj", "reference_id": "GHSA-c8xf-m4ff-jcxj", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c8xf-m4ff-jcxj" }, { "reference_url": "https://usn.ubuntu.com/3727-1/", "reference_id": "USN-3727-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3727-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14092?format=api", "purl": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k14-mrhy-a7bv" }, { "vulnerability": "VCID-3j3f-cc7a-qubd" }, { "vulnerability": "VCID-87wj-jnpf-9ufx" }, { "vulnerability": "VCID-e5f5-vgc9-2kez" }, { "vulnerability": "VCID-tw4p-n1bp-fbhf" }, { "vulnerability": "VCID-xu8s-qbh8-mybs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56" } ], "aliases": [ "CVE-2016-1000339", "GHSA-c8xf-m4ff-jcxj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cu7x-zauj-7beq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30342?format=api", "vulnerability_id": "VCID-d6cg-63fk-ruc5", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000340.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000340.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000340", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.61105", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.61103", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.61096", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.6099", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000340" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00#diff-e5934feac8203ca0104ab291a3560a31", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00#diff-e5934feac8203ca0104ab291a3560a31" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20181127-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20181127-0004" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588688", "reference_id": "1588688", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588688" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000340", "reference_id": "CVE-2016-1000340", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000340" }, { "reference_url": "https://github.com/advisories/GHSA-r97x-3g8f-gx3m", "reference_id": "GHSA-r97x-3g8f-gx3m", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r97x-3g8f-gx3m" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14092?format=api", "purl": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k14-mrhy-a7bv" }, { "vulnerability": "VCID-3j3f-cc7a-qubd" }, { "vulnerability": "VCID-87wj-jnpf-9ufx" }, { "vulnerability": "VCID-e5f5-vgc9-2kez" }, { "vulnerability": "VCID-tw4p-n1bp-fbhf" }, { "vulnerability": "VCID-xu8s-qbh8-mybs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56" } ], "aliases": [ "CVE-2016-1000340", "GHSA-r97x-3g8f-gx3m" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d6cg-63fk-ruc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30344?format=api", "vulnerability_id": "VCID-dgvj-vqdv-gqhm", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000341.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000341.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000341", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00802", "scoring_system": "epss", "scoring_elements": "0.74613", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00802", "scoring_system": "epss", "scoring_elements": "0.74611", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00802", "scoring_system": "epss", "scoring_elements": "0.74599", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00802", "scoring_system": "epss", "scoring_elements": "0.74527", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000341" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa#diff-e75226a9ca49217a7276b29242ec59ce", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa#diff-e75226a9ca49217a7276b29242ec59ce" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20181127-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20181127-0004" }, { "reference_url": "https://usn.ubuntu.com/3727-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3727-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588708", "reference_id": "1588708", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588708" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000341", "reference_id": "CVE-2016-1000341", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000341" }, { "reference_url": "https://github.com/advisories/GHSA-r9ch-m4fh-fc7q", "reference_id": "GHSA-r9ch-m4fh-fc7q", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r9ch-m4fh-fc7q" }, { "reference_url": "https://usn.ubuntu.com/3727-1/", "reference_id": "USN-3727-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3727-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14092?format=api", "purl": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k14-mrhy-a7bv" }, { "vulnerability": "VCID-3j3f-cc7a-qubd" }, { "vulnerability": "VCID-87wj-jnpf-9ufx" }, { "vulnerability": "VCID-e5f5-vgc9-2kez" }, { "vulnerability": "VCID-tw4p-n1bp-fbhf" }, { "vulnerability": "VCID-xu8s-qbh8-mybs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56" } ], "aliases": [ "CVE-2016-1000341", "GHSA-r9ch-m4fh-fc7q" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dgvj-vqdv-gqhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30456?format=api", "vulnerability_id": "VCID-hy4q-u5kn-9kdy", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000345.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000345.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000345", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00802", "scoring_system": "epss", "scoring_elements": "0.74527", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00802", "scoring_system": "epss", "scoring_elements": "0.74613", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00802", "scoring_system": "epss", "scoring_elements": "0.74599", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00802", "scoring_system": "epss", "scoring_elements": "0.74611", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000345" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/21dcb3d9744c83dcf2ff8fcee06dbca7bfa4ef35", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/21dcb3d9744c83dcf2ff8fcee06dbca7bfa4ef35" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/21dcb3d9744c83dcf2ff8fcee06dbca7bfa4ef35#diff-4439ce586bf9a13bfec05c0d113b8098", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/21dcb3d9744c83dcf2ff8fcee06dbca7bfa4ef35#diff-4439ce586bf9a13bfec05c0d113b8098" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20181127-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20181127-0004" }, { "reference_url": "https://usn.ubuntu.com/3727-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3727-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588323", "reference_id": "1588323", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588323" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000345", "reference_id": "CVE-2016-1000345", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000345" }, { "reference_url": "https://github.com/advisories/GHSA-9gp4-qrff-c648", "reference_id": "GHSA-9gp4-qrff-c648", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9gp4-qrff-c648" }, { "reference_url": "https://usn.ubuntu.com/3727-1/", "reference_id": "USN-3727-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3727-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14092?format=api", "purl": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k14-mrhy-a7bv" }, { "vulnerability": "VCID-3j3f-cc7a-qubd" }, { "vulnerability": "VCID-87wj-jnpf-9ufx" }, { "vulnerability": "VCID-e5f5-vgc9-2kez" }, { "vulnerability": "VCID-tw4p-n1bp-fbhf" }, { "vulnerability": "VCID-xu8s-qbh8-mybs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56" } ], "aliases": [ "CVE-2016-1000345", "GHSA-9gp4-qrff-c648" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hy4q-u5kn-9kdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30458?format=api", "vulnerability_id": "VCID-n5q7-158s-tub8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000344.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000344.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000344", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00388", "scoring_system": "epss", "scoring_elements": "0.6044", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00388", "scoring_system": "epss", "scoring_elements": "0.6033", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00388", "scoring_system": "epss", "scoring_elements": "0.60436", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00388", "scoring_system": "epss", "scoring_elements": "0.60447", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000344" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000344" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20181127-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20181127-0004" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588314", "reference_id": "1588314", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588314" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000344", "reference_id": "CVE-2016-1000344", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000344" }, { "reference_url": "https://github.com/advisories/GHSA-2j2x-hx4g-2gf4", "reference_id": "GHSA-2j2x-hx4g-2gf4", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2j2x-hx4g-2gf4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14092?format=api", "purl": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k14-mrhy-a7bv" }, { "vulnerability": "VCID-3j3f-cc7a-qubd" }, { "vulnerability": "VCID-87wj-jnpf-9ufx" }, { "vulnerability": "VCID-e5f5-vgc9-2kez" }, { "vulnerability": "VCID-tw4p-n1bp-fbhf" }, { "vulnerability": "VCID-xu8s-qbh8-mybs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56" } ], "aliases": [ "CVE-2016-1000344", "GHSA-2j2x-hx4g-2gf4" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n5q7-158s-tub8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30343?format=api", "vulnerability_id": "VCID-uaun-dtay-abde", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000352.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000352.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000352", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00388", "scoring_system": "epss", "scoring_elements": "0.60447", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00388", "scoring_system": "epss", "scoring_elements": "0.6044", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00388", "scoring_system": "epss", "scoring_elements": "0.60436", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00388", "scoring_system": "epss", "scoring_elements": "0.6033", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000352" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20181127-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20181127-0004" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588330", "reference_id": "1588330", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588330" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000352", "reference_id": "CVE-2016-1000352", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000352" }, { "reference_url": "https://github.com/advisories/GHSA-w285-wf9q-5w69", "reference_id": "GHSA-w285-wf9q-5w69", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w285-wf9q-5w69" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14092?format=api", "purl": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k14-mrhy-a7bv" }, { "vulnerability": "VCID-3j3f-cc7a-qubd" }, { "vulnerability": "VCID-87wj-jnpf-9ufx" }, { "vulnerability": "VCID-e5f5-vgc9-2kez" }, { "vulnerability": "VCID-tw4p-n1bp-fbhf" }, { "vulnerability": "VCID-xu8s-qbh8-mybs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56" } ], "aliases": [ "CVE-2016-1000352", "GHSA-w285-wf9q-5w69" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uaun-dtay-abde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30217?format=api", "vulnerability_id": "VCID-vkq8-2vcz-v3eh", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000338.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000338.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000338", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.59437", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.59425", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.59428", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.59314", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000338" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000338", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000338" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/b0c3ce99d43d73a096268831d0d120ffc89eac7f#diff-3679f5a9d2b939d0d3ee1601a7774fb0", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/b0c3ce99d43d73a096268831d0d120ffc89eac7f#diff-3679f5a9d2b939d0d3ee1601a7774fb0" }, { "reference_url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231006-0011", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20231006-0011" }, { "reference_url": "https://usn.ubuntu.com/3727-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3727-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588313", "reference_id": "1588313", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588313" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000338", "reference_id": "CVE-2016-1000338", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1000338" }, { "reference_url": "https://github.com/advisories/GHSA-4vhj-98r6-424h", "reference_id": "GHSA-4vhj-98r6-424h", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4vhj-98r6-424h" }, { "reference_url": "https://usn.ubuntu.com/3727-1/", "reference_id": "USN-3727-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3727-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14092?format=api", "purl": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k14-mrhy-a7bv" }, { "vulnerability": "VCID-3j3f-cc7a-qubd" }, { "vulnerability": "VCID-87wj-jnpf-9ufx" }, { "vulnerability": "VCID-e5f5-vgc9-2kez" }, { "vulnerability": "VCID-tw4p-n1bp-fbhf" }, { "vulnerability": "VCID-xu8s-qbh8-mybs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56" } ], "aliases": [ "CVE-2016-1000338", "GHSA-4vhj-98r6-424h" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vkq8-2vcz-v3eh" } ], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcprov-jdk15on@1.56" }