Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/bouncycastle@1.80-3?distro=trixie
Typedeb
Namespacedebian
Namebouncycastle
Version1.80-3
Qualifiers
distro trixie
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-jt6u-jzrn-pkdt
vulnerability_id VCID-jt6u-jzrn-pkdt
summary Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules). This vulnerability is associated with program files FrodoEngine.Java. This issue affects BC-JAVA: from 1.71 before 1.80.2, from 1.81 before 1.80.1, from 1.82 before 1.84.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5598.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5598.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-5598
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.0653
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-5598
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/S:P/AU:Y/U:Red
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
4
reference_url https://github.com/bcgit/bc-java/commit/8692e6b2b191fc4aafa32545c7a78bdb9bf110c5
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/S:P/AU:Y/U:Red
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T13:11:48Z/
url https://github.com/bcgit/bc-java/commit/8692e6b2b191fc4aafa32545c7a78bdb9bf110c5
5
reference_url https://github.com/bcgit/bc-java/commit/94abbd56413dfdac651fd878bc60253871ef5e87
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/S:P/AU:Y/U:Red
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T13:11:48Z/
url https://github.com/bcgit/bc-java/commit/94abbd56413dfdac651fd878bc60253871ef5e87
6
reference_url https://github.com/bcgit/bc-java/wiki/CVE-2026-5598
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/S:P/AU:Y/U:Red
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/wiki/CVE-2026-5598
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-5598
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/S:P/AU:Y/U:Red
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-5598
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134386
reference_id 1134386
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134386
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458635
reference_id 2458635
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458635
10
reference_url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905598
reference_id CVE%E2%80%902026%E2%80%905598
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/S:P/AU:Y/U:Red
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-15T13:11:48Z/
url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905598
11
reference_url https://access.redhat.com/errata/RHSA-2026:12267
reference_id RHSA-2026:12267
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12267
12
reference_url https://access.redhat.com/errata/RHSA-2026:12269
reference_id RHSA-2026:12269
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12269
13
reference_url https://access.redhat.com/errata/RHSA-2026:18054
reference_id RHSA-2026:18054
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:18054
14
reference_url https://access.redhat.com/errata/RHSA-2026:18055
reference_id RHSA-2026:18055
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:18055
15
reference_url https://access.redhat.com/errata/RHSA-2026:18059
reference_id RHSA-2026:18059
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:18059
fixed_packages
aliases CVE-2026-5598, GHSA-p93r-85wp-75v3
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jt6u-jzrn-pkdt
Fixing_vulnerabilities
0
url VCID-14yd-vsj7-e3bv
vulnerability_id VCID-14yd-vsj7-e3bv
summary The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3566.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3566.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3566
reference_id
reference_type
scores
0
value 0.93538
scoring_system epss
scoring_elements 0.99838
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3566
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html
reference_id 0101.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html
17
reference_url https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7
reference_id 1015-security-advisory-7
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7
18
reference_url http://www.securitytracker.com/id/1031029
reference_id 1031029
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031029
19
reference_url http://www.securitytracker.com/id/1031039
reference_id 1031039
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031039
20
reference_url http://www.securitytracker.com/id/1031085
reference_id 1031085
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031085
21
reference_url http://www.securitytracker.com/id/1031086
reference_id 1031086
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031086
22
reference_url http://www.securitytracker.com/id/1031087
reference_id 1031087
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031087
23
reference_url http://www.securitytracker.com/id/1031088
reference_id 1031088
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031088
24
reference_url http://www.securitytracker.com/id/1031089
reference_id 1031089
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031089
25
reference_url http://www.securitytracker.com/id/1031090
reference_id 1031090
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031090
26
reference_url http://www.securitytracker.com/id/1031091
reference_id 1031091
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031091
27
reference_url http://www.securitytracker.com/id/1031092
reference_id 1031092
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031092
28
reference_url http://www.securitytracker.com/id/1031093
reference_id 1031093
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031093
29
reference_url http://www.securitytracker.com/id/1031094
reference_id 1031094
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031094
30
reference_url http://www.securitytracker.com/id/1031095
reference_id 1031095
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031095
31
reference_url http://www.securitytracker.com/id/1031096
reference_id 1031096
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031096
32
reference_url http://www.securitytracker.com/id/1031105
reference_id 1031105
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031105
33
reference_url http://www.securitytracker.com/id/1031106
reference_id 1031106
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031106
34
reference_url http://www.securitytracker.com/id/1031107
reference_id 1031107
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031107
35
reference_url http://www.securitytracker.com/id/1031120
reference_id 1031120
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031120
36
reference_url http://www.securitytracker.com/id/1031123
reference_id 1031123
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031123
37
reference_url http://www.securitytracker.com/id/1031124
reference_id 1031124
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031124
38
reference_url http://www.securitytracker.com/id/1031130
reference_id 1031130
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031130
39
reference_url http://www.securitytracker.com/id/1031131
reference_id 1031131
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031131
40
reference_url http://www.securitytracker.com/id/1031132
reference_id 1031132
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securitytracker.com/id/1031132
41
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1152789
reference_id 1152789
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=1152789
42
reference_url https://access.redhat.com/articles/1232123
reference_id 1232123
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://access.redhat.com/articles/1232123
43
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html
reference_id 141114.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html
44
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html
reference_id 141158.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html
45
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html
reference_id 142330.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html
46
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html
reference_id 169361.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html
47
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html
reference_id 169374.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html
48
reference_url https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html
reference_id 2014-10-14-how-poodle-happened.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html
49
reference_url https://technet.microsoft.com/library/security/3009008.aspx
reference_id 3009008.aspx
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://technet.microsoft.com/library/security/3009008.aspx
50
reference_url http://www.securityfocus.com/archive/1/533746
reference_id 533746
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securityfocus.com/archive/1/533746
51
reference_url http://www.securityfocus.com/archive/1/533747
reference_id 533747
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securityfocus.com/archive/1/533747
52
reference_url http://www.kb.cert.org/vuls/id/577193
reference_id 577193
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.kb.cert.org/vuls/id/577193
53
reference_url http://secunia.com/advisories/59627
reference_id 59627
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://secunia.com/advisories/59627
54
reference_url http://secunia.com/advisories/60056
reference_id 60056
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://secunia.com/advisories/60056
55
reference_url http://secunia.com/advisories/60206
reference_id 60206
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://secunia.com/advisories/60206
56
reference_url http://secunia.com/advisories/60792
reference_id 60792
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://secunia.com/advisories/60792
57
reference_url http://secunia.com/advisories/60859
reference_id 60859
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://secunia.com/advisories/60859
58
reference_url http://secunia.com/advisories/61019
reference_id 61019
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://secunia.com/advisories/61019
59
reference_url http://secunia.com/advisories/61130
reference_id 61130
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://secunia.com/advisories/61130
60
reference_url http://secunia.com/advisories/61303
reference_id 61303
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://secunia.com/advisories/61303
61
reference_url http://secunia.com/advisories/61316
reference_id 61316
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://secunia.com/advisories/61316
62
reference_url http://secunia.com/advisories/61345
reference_id 61345
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://secunia.com/advisories/61345
63
reference_url http://secunia.com/advisories/61359
reference_id 61359
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://secunia.com/advisories/61359
64
reference_url http://secunia.com/advisories/61782
reference_id 61782
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://secunia.com/advisories/61782
65
reference_url http://secunia.com/advisories/61810
reference_id 61810
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://secunia.com/advisories/61810
66
reference_url http://secunia.com/advisories/61819
reference_id 61819
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://secunia.com/advisories/61819
67
reference_url http://secunia.com/advisories/61825
reference_id 61825
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://secunia.com/advisories/61825
68
reference_url http://secunia.com/advisories/61827
reference_id 61827
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://secunia.com/advisories/61827
69
reference_url http://secunia.com/advisories/61926
reference_id 61926
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://secunia.com/advisories/61926
70
reference_url http://secunia.com/advisories/61995
reference_id 61995
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://secunia.com/advisories/61995
71
reference_url http://www.securityfocus.com/bid/70574
reference_id 70574
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securityfocus.com/bid/70574
72
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765539
reference_id 765539
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765539
73
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765702
reference_id 765702
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765702
74
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768164
reference_id 768164
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768164
75
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769904
reference_id 769904
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769904
76
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771359
reference_id 771359
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771359
77
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2014:203
reference_id advisories?name=MDVSA-2014:203
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.mandriva.com/security/advisories?name=MDVSA-2014:203
78
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:062
reference_id advisories?name=MDVSA-2015:062
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:062
79
reference_url http://downloads.asterisk.org/pub/security/AST-2014-011.html
reference_id AST-2014-011.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://downloads.asterisk.org/pub/security/AST-2014-011.html
80
reference_url http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html
reference_id attack-of-week-poodle.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html
81
reference_url http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle
reference_id cisco-sa-20141015-poodle
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle
82
reference_url http://support.citrix.com/article/CTX200238
reference_id CTX200238
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://support.citrix.com/article/CTX200238
83
reference_url https://support.citrix.com/article/CTX216642
reference_id CTX216642
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://support.citrix.com/article/CTX216642
84
reference_url http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html
reference_id CVE-2014-3566.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html
85
reference_url https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip
reference_id cve-2014-3566-removing-sslv3-from-big-ip
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip
86
reference_url http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581
reference_id display?docId=emr_na-c04583581
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581
87
reference_url http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034
reference_id display?docId=emr_na-c04779034
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034
88
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635
reference_id docDisplay?docId=emr_na-c04819635
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635
89
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681
reference_id docDisplay?docId=emr_na-c05068681
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681
90
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667
reference_id docDisplay?docId=emr_na-c05157667
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667
91
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946
reference_id docDisplay?docId=emr_na-c05301946
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946
92
reference_url https://www.suse.com/support/kb/doc.php?id=7015773
reference_id doc.php?id=7015773
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://www.suse.com/support/kb/doc.php?id=7015773
93
reference_url http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431
reference_id docview.wss?uid=isg3T1021431
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431
94
reference_url http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439
reference_id docview.wss?uid=isg3T1021439
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439
95
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21686997
reference_id docview.wss?uid=swg21686997
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www-01.ibm.com/support/docview.wss?uid=swg21686997
96
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21687172
reference_id docview.wss?uid=swg21687172
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www-01.ibm.com/support/docview.wss?uid=swg21687172
97
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21687611
reference_id docview.wss?uid=swg21687611
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www-01.ibm.com/support/docview.wss?uid=swg21687611
98
reference_url https://www-01.ibm.com/support/docview.wss?uid=swg21688165
reference_id docview.wss?uid=swg21688165
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://www-01.ibm.com/support/docview.wss?uid=swg21688165
99
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21688283
reference_id docview.wss?uid=swg21688283
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www-01.ibm.com/support/docview.wss?uid=swg21688283
100
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21692299
reference_id docview.wss?uid=swg21692299
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www-01.ibm.com/support/docview.wss?uid=swg21692299
101
reference_url http://www.debian.org/security/2014/dsa-3053
reference_id dsa-3053
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.debian.org/security/2014/dsa-3053
102
reference_url http://www.debian.org/security/2015/dsa-3144
reference_id dsa-3144
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.debian.org/security/2015/dsa-3144
103
reference_url http://www.debian.org/security/2015/dsa-3147
reference_id dsa-3147
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.debian.org/security/2015/dsa-3147
104
reference_url http://www.debian.org/security/2016/dsa-3489
reference_id dsa-3489
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.debian.org/security/2016/dsa-3489
105
reference_url https://security.gentoo.org/glsa/201411-10
reference_id GLSA-201411-10
reference_type
scores
url https://security.gentoo.org/glsa/201411-10
106
reference_url https://security.gentoo.org/glsa/201507-14
reference_id GLSA-201507-14
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://security.gentoo.org/glsa/201507-14
107
reference_url https://security.gentoo.org/glsa/201606-11
reference_id GLSA-201606-11
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://security.gentoo.org/glsa/201606-11
108
reference_url http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566
reference_id how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566
109
reference_url http://support.apple.com/HT204244
reference_id HT204244
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://support.apple.com/HT204244
110
reference_url https://support.apple.com/kb/HT6527
reference_id HT6527
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://support.apple.com/kb/HT6527
111
reference_url https://support.apple.com/kb/HT6529
reference_id HT6529
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://support.apple.com/kb/HT6529
112
reference_url https://support.apple.com/kb/HT6531
reference_id HT6531
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://support.apple.com/kb/HT6531
113
reference_url https://support.apple.com/kb/HT6535
reference_id HT6535
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://support.apple.com/kb/HT6535
114
reference_url https://support.apple.com/kb/HT6541
reference_id HT6541
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://support.apple.com/kb/HT6541
115
reference_url https://support.apple.com/kb/HT6542
reference_id HT6542
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://support.apple.com/kb/HT6542
116
reference_url http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm
reference_id hw-405500.htm
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm
117
reference_url https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
reference_id ICSMA-18-058-02
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
118
reference_url http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
reference_id index?page=content&id=JSA10705
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
119
reference_url https://kc.mcafee.com/corporate/index?page=content&id=SB10090
reference_id index?page=content&id=SB10090
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://kc.mcafee.com/corporate/index?page=content&id=SB10090
120
reference_url https://kc.mcafee.com/corporate/index?page=content&id=SB10091
reference_id index?page=content&id=SB10091
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://kc.mcafee.com/corporate/index?page=content&id=SB10091
121
reference_url https://kc.mcafee.com/corporate/index?page=content&id=SB10104
reference_id index?page=content&id=SB10104
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://kc.mcafee.com/corporate/index?page=content&id=SB10104
122
reference_url http://marc.info/?l=bugtraq&m=141450452204552&w=2
reference_id ?l=bugtraq&m=141450452204552&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=141450452204552&w=2
123
reference_url http://marc.info/?l=bugtraq&m=141450973807288&w=2
reference_id ?l=bugtraq&m=141450973807288&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=141450973807288&w=2
124
reference_url http://marc.info/?l=bugtraq&m=141477196830952&w=2
reference_id ?l=bugtraq&m=141477196830952&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=141477196830952&w=2
125
reference_url http://marc.info/?l=bugtraq&m=141576815022399&w=2
reference_id ?l=bugtraq&m=141576815022399&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=141576815022399&w=2
126
reference_url http://marc.info/?l=bugtraq&m=141577087123040&w=2
reference_id ?l=bugtraq&m=141577087123040&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=141577087123040&w=2
127
reference_url http://marc.info/?l=bugtraq&m=141577350823734&w=2
reference_id ?l=bugtraq&m=141577350823734&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=141577350823734&w=2
128
reference_url http://marc.info/?l=bugtraq&m=141620103726640&w=2
reference_id ?l=bugtraq&m=141620103726640&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=141620103726640&w=2
129
reference_url http://marc.info/?l=bugtraq&m=141628688425177&w=2
reference_id ?l=bugtraq&m=141628688425177&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=141628688425177&w=2
130
reference_url http://marc.info/?l=bugtraq&m=141694355519663&w=2
reference_id ?l=bugtraq&m=141694355519663&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=141694355519663&w=2
131
reference_url http://marc.info/?l=bugtraq&m=141697638231025&w=2
reference_id ?l=bugtraq&m=141697638231025&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=141697638231025&w=2
132
reference_url http://marc.info/?l=bugtraq&m=141697676231104&w=2
reference_id ?l=bugtraq&m=141697676231104&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=141697676231104&w=2
133
reference_url http://marc.info/?l=bugtraq&m=141703183219781&w=2
reference_id ?l=bugtraq&m=141703183219781&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=141703183219781&w=2
134
reference_url http://marc.info/?l=bugtraq&m=141715130023061&w=2
reference_id ?l=bugtraq&m=141715130023061&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=141715130023061&w=2
135
reference_url http://marc.info/?l=bugtraq&m=141775427104070&w=2
reference_id ?l=bugtraq&m=141775427104070&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=141775427104070&w=2
136
reference_url http://marc.info/?l=bugtraq&m=141813976718456&w=2
reference_id ?l=bugtraq&m=141813976718456&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=141813976718456&w=2
137
reference_url http://marc.info/?l=bugtraq&m=141814011518700&w=2
reference_id ?l=bugtraq&m=141814011518700&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=141814011518700&w=2
138
reference_url http://marc.info/?l=bugtraq&m=141879378918327&w=2
reference_id ?l=bugtraq&m=141879378918327&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=141879378918327&w=2
139
reference_url http://marc.info/?l=bugtraq&m=142103967620673&w=2
reference_id ?l=bugtraq&m=142103967620673&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142103967620673&w=2
140
reference_url http://marc.info/?l=bugtraq&m=142118135300698&w=2
reference_id ?l=bugtraq&m=142118135300698&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142118135300698&w=2
141
reference_url http://marc.info/?l=bugtraq&m=142296755107581&w=2
reference_id ?l=bugtraq&m=142296755107581&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142296755107581&w=2
142
reference_url http://marc.info/?l=bugtraq&m=142350196615714&w=2
reference_id ?l=bugtraq&m=142350196615714&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142350196615714&w=2
143
reference_url http://marc.info/?l=bugtraq&m=142350298616097&w=2
reference_id ?l=bugtraq&m=142350298616097&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142350298616097&w=2
144
reference_url http://marc.info/?l=bugtraq&m=142350743917559&w=2
reference_id ?l=bugtraq&m=142350743917559&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142350743917559&w=2
145
reference_url http://marc.info/?l=bugtraq&m=142354438527235&w=2
reference_id ?l=bugtraq&m=142354438527235&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142354438527235&w=2
146
reference_url http://marc.info/?l=bugtraq&m=142357976805598&w=2
reference_id ?l=bugtraq&m=142357976805598&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142357976805598&w=2
147
reference_url http://marc.info/?l=bugtraq&m=142495837901899&w=2
reference_id ?l=bugtraq&m=142495837901899&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142495837901899&w=2
148
reference_url http://marc.info/?l=bugtraq&m=142496355704097&w=2
reference_id ?l=bugtraq&m=142496355704097&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142496355704097&w=2
149
reference_url http://marc.info/?l=bugtraq&m=142546741516006&w=2
reference_id ?l=bugtraq&m=142546741516006&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142546741516006&w=2
150
reference_url http://marc.info/?l=bugtraq&m=142607790919348&w=2
reference_id ?l=bugtraq&m=142607790919348&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142607790919348&w=2
151
reference_url http://marc.info/?l=bugtraq&m=142624590206005&w=2
reference_id ?l=bugtraq&m=142624590206005&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142624590206005&w=2
152
reference_url http://marc.info/?l=bugtraq&m=142624619906067
reference_id ?l=bugtraq&m=142624619906067
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142624619906067
153
reference_url http://marc.info/?l=bugtraq&m=142624619906067&w=2
reference_id ?l=bugtraq&m=142624619906067&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142624619906067&w=2
154
reference_url http://marc.info/?l=bugtraq&m=142624679706236&w=2
reference_id ?l=bugtraq&m=142624679706236&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142624679706236&w=2
155
reference_url http://marc.info/?l=bugtraq&m=142624719706349&w=2
reference_id ?l=bugtraq&m=142624719706349&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142624719706349&w=2
156
reference_url http://marc.info/?l=bugtraq&m=142721830231196&w=2
reference_id ?l=bugtraq&m=142721830231196&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142721830231196&w=2
157
reference_url http://marc.info/?l=bugtraq&m=142721887231400&w=2
reference_id ?l=bugtraq&m=142721887231400&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142721887231400&w=2
158
reference_url http://marc.info/?l=bugtraq&m=142740155824959&w=2
reference_id ?l=bugtraq&m=142740155824959&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142740155824959&w=2
159
reference_url http://marc.info/?l=bugtraq&m=142791032306609&w=2
reference_id ?l=bugtraq&m=142791032306609&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142791032306609&w=2
160
reference_url http://marc.info/?l=bugtraq&m=142804214608580&w=2
reference_id ?l=bugtraq&m=142804214608580&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142804214608580&w=2
161
reference_url http://marc.info/?l=bugtraq&m=142805027510172&w=2
reference_id ?l=bugtraq&m=142805027510172&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142805027510172&w=2
162
reference_url http://marc.info/?l=bugtraq&m=142962817202793&w=2
reference_id ?l=bugtraq&m=142962817202793&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=142962817202793&w=2
163
reference_url http://marc.info/?l=bugtraq&m=143039249603103&w=2
reference_id ?l=bugtraq&m=143039249603103&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=143039249603103&w=2
164
reference_url http://marc.info/?l=bugtraq&m=143101048219218&w=2
reference_id ?l=bugtraq&m=143101048219218&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=143101048219218&w=2
165
reference_url http://marc.info/?l=bugtraq&m=143290371927178&w=2
reference_id ?l=bugtraq&m=143290371927178&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=143290371927178&w=2
166
reference_url http://marc.info/?l=bugtraq&m=143290437727362&w=2
reference_id ?l=bugtraq&m=143290437727362&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=143290437727362&w=2
167
reference_url http://marc.info/?l=bugtraq&m=143290522027658&w=2
reference_id ?l=bugtraq&m=143290522027658&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=143290522027658&w=2
168
reference_url http://marc.info/?l=bugtraq&m=143290583027876&w=2
reference_id ?l=bugtraq&m=143290583027876&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=143290583027876&w=2
169
reference_url http://marc.info/?l=bugtraq&m=143558137709884&w=2
reference_id ?l=bugtraq&m=143558137709884&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=143558137709884&w=2
170
reference_url http://marc.info/?l=bugtraq&m=143558192010071&w=2
reference_id ?l=bugtraq&m=143558192010071&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=143558192010071&w=2
171
reference_url http://marc.info/?l=bugtraq&m=143628269912142&w=2
reference_id ?l=bugtraq&m=143628269912142&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=143628269912142&w=2
172
reference_url http://marc.info/?l=bugtraq&m=144101915224472&w=2
reference_id ?l=bugtraq&m=144101915224472&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=144101915224472&w=2
173
reference_url http://marc.info/?l=bugtraq&m=144251162130364&w=2
reference_id ?l=bugtraq&m=144251162130364&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=144251162130364&w=2
174
reference_url http://marc.info/?l=bugtraq&m=144294141001552&w=2
reference_id ?l=bugtraq&m=144294141001552&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=144294141001552&w=2
175
reference_url http://marc.info/?l=bugtraq&m=145983526810210&w=2
reference_id ?l=bugtraq&m=145983526810210&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=bugtraq&m=145983526810210&w=2
176
reference_url http://marc.info/?l=openssl-dev&m=141333049205629&w=2
reference_id ?l=openssl-dev&m=141333049205629&w=2
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://marc.info/?l=openssl-dev&m=141333049205629&w=2
177
reference_url http://advisories.mageia.org/MGASA-2014-0416.html
reference_id MGASA-2014-0416.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://advisories.mageia.org/MGASA-2014-0416.html
178
reference_url http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf
reference_id MOVEitReleaseNotes82.pdf
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf
179
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html
reference_id msg00000.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html
180
reference_url http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html
181
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html
182
reference_url http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html
reference_id msg00002.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html
183
reference_url http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
reference_id msg00003.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
184
reference_url http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html
reference_id msg00003.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html
185
reference_url http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html
reference_id msg00008.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html
186
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
reference_id msg00011.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
187
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html
reference_id msg00018.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html
188
reference_url http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html
reference_id msg00021.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html
189
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html
reference_id msg00024.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html
190
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
reference_id msg00026.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
191
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html
reference_id msg00027.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html
192
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html
reference_id msg00027.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html
193
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html
reference_id msg00033.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html
194
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
reference_id msg00036.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
195
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html
reference_id msg00066.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html
196
reference_url https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6
reference_id multiple_vulnerabilities_in_openssl6
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6
197
reference_url ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc
reference_id NetBSD-SA2014-015.txt.asc
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc
198
reference_url http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/
reference_id node-v0-10-33-stable
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/
199
reference_url https://security.netapp.com/advisory/ntap-20141015-0001/
reference_id ntap-20141015-0001
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://security.netapp.com/advisory/ntap-20141015-0001/
200
reference_url http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc
reference_id openssl_advisory11.asc
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc
201
reference_url https://support.lenovo.com/product_security/poodle
reference_id poodle
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://support.lenovo.com/product_security/poodle
202
reference_url https://support.lenovo.com/us/en/product_security/poodle
reference_id poodle
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://support.lenovo.com/us/en/product_security/poodle
203
reference_url https://www.imperialviolet.org/2014/10/14/poodle.html
reference_id poodle.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://www.imperialviolet.org/2014/10/14/poodle.html
204
reference_url https://github.com/mpgn/poodle-PoC
reference_id poodle-PoC
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://github.com/mpgn/poodle-PoC
205
reference_url https://puppet.com/security/cve/poodle-sslv3-vulnerability
reference_id poodle-sslv3-vulnerability
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://puppet.com/security/cve/poodle-sslv3-vulnerability
206
reference_url http://rhn.redhat.com/errata/RHSA-2014-1652.html
reference_id RHSA-2014-1652.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://rhn.redhat.com/errata/RHSA-2014-1652.html
207
reference_url http://rhn.redhat.com/errata/RHSA-2014-1653.html
reference_id RHSA-2014-1653.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://rhn.redhat.com/errata/RHSA-2014-1653.html
208
reference_url http://rhn.redhat.com/errata/RHSA-2014-1692.html
reference_id RHSA-2014-1692.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://rhn.redhat.com/errata/RHSA-2014-1692.html
209
reference_url https://access.redhat.com/errata/RHSA-2014:1876
reference_id RHSA-2014:1876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1876
210
reference_url http://rhn.redhat.com/errata/RHSA-2014-1876.html
reference_id RHSA-2014-1876.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://rhn.redhat.com/errata/RHSA-2014-1876.html
211
reference_url https://access.redhat.com/errata/RHSA-2014:1877
reference_id RHSA-2014:1877
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1877
212
reference_url http://rhn.redhat.com/errata/RHSA-2014-1877.html
reference_id RHSA-2014-1877.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://rhn.redhat.com/errata/RHSA-2014-1877.html
213
reference_url https://access.redhat.com/errata/RHSA-2014:1880
reference_id RHSA-2014:1880
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1880
214
reference_url http://rhn.redhat.com/errata/RHSA-2014-1880.html
reference_id RHSA-2014-1880.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://rhn.redhat.com/errata/RHSA-2014-1880.html
215
reference_url https://access.redhat.com/errata/RHSA-2014:1881
reference_id RHSA-2014:1881
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1881
216
reference_url http://rhn.redhat.com/errata/RHSA-2014-1881.html
reference_id RHSA-2014-1881.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://rhn.redhat.com/errata/RHSA-2014-1881.html
217
reference_url https://access.redhat.com/errata/RHSA-2014:1882
reference_id RHSA-2014:1882
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1882
218
reference_url http://rhn.redhat.com/errata/RHSA-2014-1882.html
reference_id RHSA-2014-1882.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://rhn.redhat.com/errata/RHSA-2014-1882.html
219
reference_url https://access.redhat.com/errata/RHSA-2014:1920
reference_id RHSA-2014:1920
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1920
220
reference_url http://rhn.redhat.com/errata/RHSA-2014-1920.html
reference_id RHSA-2014-1920.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://rhn.redhat.com/errata/RHSA-2014-1920.html
221
reference_url http://rhn.redhat.com/errata/RHSA-2014-1948.html
reference_id RHSA-2014-1948.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://rhn.redhat.com/errata/RHSA-2014-1948.html
222
reference_url https://access.redhat.com/errata/RHSA-2015:0010
reference_id RHSA-2015:0010
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0010
223
reference_url https://access.redhat.com/errata/RHSA-2015:0011
reference_id RHSA-2015:0011
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0011
224
reference_url https://access.redhat.com/errata/RHSA-2015:0012
reference_id RHSA-2015:0012
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0012
225
reference_url https://access.redhat.com/errata/RHSA-2015:0067
reference_id RHSA-2015:0067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0067
226
reference_url https://access.redhat.com/errata/RHSA-2015:0068
reference_id RHSA-2015:0068
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0068
227
reference_url http://rhn.redhat.com/errata/RHSA-2015-0068.html
reference_id RHSA-2015-0068.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://rhn.redhat.com/errata/RHSA-2015-0068.html
228
reference_url https://access.redhat.com/errata/RHSA-2015:0069
reference_id RHSA-2015:0069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0069
229
reference_url https://access.redhat.com/errata/RHSA-2015:0079
reference_id RHSA-2015:0079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0079
230
reference_url http://rhn.redhat.com/errata/RHSA-2015-0079.html
reference_id RHSA-2015-0079.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://rhn.redhat.com/errata/RHSA-2015-0079.html
231
reference_url https://access.redhat.com/errata/RHSA-2015:0080
reference_id RHSA-2015:0080
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0080
232
reference_url http://rhn.redhat.com/errata/RHSA-2015-0080.html
reference_id RHSA-2015-0080.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://rhn.redhat.com/errata/RHSA-2015-0080.html
233
reference_url https://access.redhat.com/errata/RHSA-2015:0085
reference_id RHSA-2015:0085
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0085
234
reference_url http://rhn.redhat.com/errata/RHSA-2015-0085.html
reference_id RHSA-2015-0085.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://rhn.redhat.com/errata/RHSA-2015-0085.html
235
reference_url https://access.redhat.com/errata/RHSA-2015:0086
reference_id RHSA-2015:0086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0086
236
reference_url http://rhn.redhat.com/errata/RHSA-2015-0086.html
reference_id RHSA-2015-0086.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://rhn.redhat.com/errata/RHSA-2015-0086.html
237
reference_url https://access.redhat.com/errata/RHSA-2015:0264
reference_id RHSA-2015:0264
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0264
238
reference_url http://rhn.redhat.com/errata/RHSA-2015-0264.html
reference_id RHSA-2015-0264.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://rhn.redhat.com/errata/RHSA-2015-0264.html
239
reference_url http://rhn.redhat.com/errata/RHSA-2015-0698.html
reference_id RHSA-2015-0698.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://rhn.redhat.com/errata/RHSA-2015-0698.html
240
reference_url https://access.redhat.com/errata/RHSA-2015:1545
reference_id RHSA-2015:1545
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1545
241
reference_url http://rhn.redhat.com/errata/RHSA-2015-1545.html
reference_id RHSA-2015-1545.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://rhn.redhat.com/errata/RHSA-2015-1545.html
242
reference_url https://access.redhat.com/errata/RHSA-2015:1546
reference_id RHSA-2015:1546
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1546
243
reference_url http://rhn.redhat.com/errata/RHSA-2015-1546.html
reference_id RHSA-2015-1546.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://rhn.redhat.com/errata/RHSA-2015-1546.html
244
reference_url https://bto.bluecoat.com/security-advisory/sa83
reference_id sa83
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://bto.bluecoat.com/security-advisory/sa83
245
reference_url https://www.openssl.org/news/secadv_20141015.txt
reference_id secadv_20141015.txt
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://www.openssl.org/news/secadv_20141015.txt
246
reference_url http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx
reference_id security-advisory-3009008-released.aspx
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx
247
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1076983
reference_id show_bug.cgi?id=1076983
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1076983
248
reference_url https://www.openssl.org/~bodo/ssl-poodle.pdf
reference_id ssl-poodle.pdf
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://www.openssl.org/~bodo/ssl-poodle.pdf
249
reference_url http://www.us-cert.gov/ncas/alerts/TA14-290A
reference_id TA14-290A
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.us-cert.gov/ncas/alerts/TA14-290A
250
reference_url https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/
reference_id the-poodle-attack-and-the-end-of-ssl-3-0
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/
251
reference_url http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html
reference_id this-poodle-bites-exploiting-ssl-30.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html
252
reference_url http://www.securityfocus.com/archive/1/533724/100/0/threaded
reference_id threaded
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.securityfocus.com/archive/1/533724/100/0/threaded
253
reference_url https://usn.ubuntu.com/2486-1/
reference_id USN-2486-1
reference_type
scores
url https://usn.ubuntu.com/2486-1/
254
reference_url http://www.ubuntu.com/usn/USN-2486-1
reference_id USN-2486-1
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.ubuntu.com/usn/USN-2486-1
255
reference_url https://usn.ubuntu.com/2487-1/
reference_id USN-2487-1
reference_type
scores
url https://usn.ubuntu.com/2487-1/
256
reference_url http://www.ubuntu.com/usn/USN-2487-1
reference_id USN-2487-1
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.ubuntu.com/usn/USN-2487-1
257
reference_url http://www.vmware.com/security/advisories/VMSA-2015-0003.html
reference_id VMSA-2015-0003.html
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.vmware.com/security/advisories/VMSA-2015-0003.html
258
reference_url http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0
reference_id Vulnerabilities-resolved-in-TRITON-APX-Version-8-0
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:34:07Z/
url http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0
fixed_packages
0
url pkg:deb/debian/bouncycastle@0?distro=trixie
purl pkg:deb/debian/bouncycastle@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@0%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2014-3566
risk_score 1.6
exploitability 2.0
weighted_severity 0.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-14yd-vsj7-e3bv
1
url VCID-2pjq-5np3-buhj
vulnerability_id VCID-2pjq-5np3-buhj
summary 
In Bouncy Castle JCE Provider it is possible to inject extra elements in the sequence making up the signature and still have it validate
In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2669
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2669
1
reference_url https://access.redhat.com/errata/RHSA-2018:2927
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2927
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000338.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000338.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1000338
reference_id
reference_type
scores
0
value 0.00371
scoring_system epss
scoring_elements 0.59249
published_at 2026-06-05T12:55:00Z
1
value 0.00381
scoring_system epss
scoring_elements 0.59848
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1000338
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000338
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000338
5
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
6
reference_url https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647
reference_id
reference_type
scores
url https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647
7
reference_url https://github.com/bcgit/bc-java/commit/b0c3ce99d43d73a096268831d0d120ffc89eac7f#diff-3679f5a9d2b939d0d3ee1601a7774fb0
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/b0c3ce99d43d73a096268831d0d120ffc89eac7f#diff-3679f5a9d2b939d0d3ee1601a7774fb0
8
reference_url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E
10
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html
11
reference_url https://security.netapp.com/advisory/ntap-20231006-0011
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20231006-0011
12
reference_url https://usn.ubuntu.com/3727-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3727-1
13
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1588313
reference_id 1588313
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1588313
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1000338
reference_id CVE-2016-1000338
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-1000338
16
reference_url https://github.com/advisories/GHSA-4vhj-98r6-424h
reference_id GHSA-4vhj-98r6-424h
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4vhj-98r6-424h
17
reference_url https://usn.ubuntu.com/3727-1/
reference_id USN-3727-1
reference_type
scores
url https://usn.ubuntu.com/3727-1/
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.56-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.56-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2016-1000338, GHSA-4vhj-98r6-424h
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2pjq-5np3-buhj
2
url VCID-5pwz-mdv3-dkak
vulnerability_id VCID-5pwz-mdv3-dkak
summary 
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode vulnerable to padding oracle attack. For BC 1.55 and older, in an environment where timings can be easily observed, it is possible with enough observations to identify when the decryption is failing due to padding.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2669
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2669
1
reference_url https://access.redhat.com/errata/RHSA-2018:2927
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2927
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000345.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000345.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1000345
reference_id
reference_type
scores
0
value 0.00802
scoring_system epss
scoring_elements 0.74477
published_at 2026-06-05T12:55:00Z
1
value 0.00802
scoring_system epss
scoring_elements 0.74445
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1000345
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000345
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000345
5
reference_url https://github.com/bcgit/bc-java/commit/21dcb3d9744c83dcf2ff8fcee06dbca7bfa4ef35
reference_id
reference_type
scores
url https://github.com/bcgit/bc-java/commit/21dcb3d9744c83dcf2ff8fcee06dbca7bfa4ef35
6
reference_url https://github.com/bcgit/bc-java/commit/21dcb3d9744c83dcf2ff8fcee06dbca7bfa4ef35#diff-4439ce586bf9a13bfec05c0d113b8098
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/21dcb3d9744c83dcf2ff8fcee06dbca7bfa4ef35#diff-4439ce586bf9a13bfec05c0d113b8098
7
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html
8
reference_url https://security.netapp.com/advisory/ntap-20181127-0004
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20181127-0004
9
reference_url https://usn.ubuntu.com/3727-1
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3727-1
10
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1588323
reference_id 1588323
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1588323
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1000345
reference_id CVE-2016-1000345
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-1000345
13
reference_url https://github.com/advisories/GHSA-9gp4-qrff-c648
reference_id GHSA-9gp4-qrff-c648
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-9gp4-qrff-c648
14
reference_url https://usn.ubuntu.com/3727-1/
reference_id USN-3727-1
reference_type
scores
url https://usn.ubuntu.com/3727-1/
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.56-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.56-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2016-1000345, GHSA-9gp4-qrff-c648
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5pwz-mdv3-dkak
3
url VCID-64mt-9155-tkbv
vulnerability_id VCID-64mt-9155-tkbv
summary The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3389.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3389.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-3389
reference_id
reference_type
scores
0
value 0.03832
scoring_system epss
scoring_elements 0.88361
published_at 2026-06-04T12:55:00Z
1
value 0.03832
scoring_system epss
scoring_elements 0.88379
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-3389
2
reference_url https://curl.se/docs/CVE-2011-3389.html
reference_id
reference_type
scores
0
value High
scoring_system cvssv3.1
scoring_elements
url https://curl.se/docs/CVE-2011-3389.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=737506
reference_id 737506
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=737506
6
reference_url https://security.gentoo.org/glsa/201111-02
reference_id GLSA-201111-02
reference_type
scores
url https://security.gentoo.org/glsa/201111-02
7
reference_url https://security.gentoo.org/glsa/201203-02
reference_id GLSA-201203-02
reference_type
scores
url https://security.gentoo.org/glsa/201203-02
8
reference_url https://security.gentoo.org/glsa/201301-01
reference_id GLSA-201301-01
reference_type
scores
url https://security.gentoo.org/glsa/201301-01
9
reference_url https://security.gentoo.org/glsa/201406-32
reference_id GLSA-201406-32
reference_type
scores
url https://security.gentoo.org/glsa/201406-32
10
reference_url https://access.redhat.com/errata/RHSA-2011:1380
reference_id RHSA-2011:1380
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:1380
11
reference_url https://access.redhat.com/errata/RHSA-2011:1384
reference_id RHSA-2011:1384
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:1384
12
reference_url https://access.redhat.com/errata/RHSA-2012:0006
reference_id RHSA-2012:0006
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0006
13
reference_url https://access.redhat.com/errata/RHSA-2012:0034
reference_id RHSA-2012:0034
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0034
14
reference_url https://access.redhat.com/errata/RHSA-2012:0343
reference_id RHSA-2012:0343
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0343
15
reference_url https://access.redhat.com/errata/RHSA-2012:0508
reference_id RHSA-2012:0508
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0508
16
reference_url https://access.redhat.com/errata/RHSA-2013:1455
reference_id RHSA-2013:1455
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1455
17
reference_url https://usn.ubuntu.com/1263-1/
reference_id USN-1263-1
reference_type
scores
url https://usn.ubuntu.com/1263-1/
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.49%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.49%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.49%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2011-3389
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-64mt-9155-tkbv
4
url VCID-72cc-rqu5-hub5
vulnerability_id VCID-72cc-rqu5-hub5
summary 
In Bouncy Castle JCE Provider the other party DH public key is not fully validated
In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are checked on agreement calculation.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2669
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2669
1
reference_url https://access.redhat.com/errata/RHSA-2018:2927
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2927
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000346.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000346.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1000346
reference_id
reference_type
scores
0
value 0.00962
scoring_system epss
scoring_elements 0.76883
published_at 2026-06-05T12:55:00Z
1
value 0.00989
scoring_system epss
scoring_elements 0.7721
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1000346
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000346
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000346
5
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
6
reference_url https://github.com/bcgit/bc-java/commit/1127131c89021612c6eefa26dbe5714c194e7495
reference_id
reference_type
scores
url https://github.com/bcgit/bc-java/commit/1127131c89021612c6eefa26dbe5714c194e7495
7
reference_url https://github.com/bcgit/bc-java/commit/1127131c89021612c6eefa26dbe5714c194e7495#diff-d525a20b8acaed791ae2f0f770eb5937
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/1127131c89021612c6eefa26dbe5714c194e7495#diff-d525a20b8acaed791ae2f0f770eb5937
8
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html
9
reference_url https://security.netapp.com/advisory/ntap-20181127-0004
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20181127-0004
10
reference_url https://usn.ubuntu.com/3727-1
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3727-1
11
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1588327
reference_id 1588327
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1588327
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1000346
reference_id CVE-2016-1000346
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-1000346
14
reference_url https://github.com/advisories/GHSA-fjqm-246c-mwqg
reference_id GHSA-fjqm-246c-mwqg
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-fjqm-246c-mwqg
15
reference_url https://usn.ubuntu.com/3727-1/
reference_id USN-3727-1
reference_type
scores
url https://usn.ubuntu.com/3727-1/
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.56-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.56-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2016-1000346, GHSA-fjqm-246c-mwqg
risk_score 2.1
exploitability 0.5
weighted_severity 4.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-72cc-rqu5-hub5
5
url VCID-7jw5-6bfa-u7a4
vulnerability_id VCID-7jw5-6bfa-u7a4
summary 
Bouncy Castle for Java on All (API modules) allows Excessive Allocation
A resource allocation vulnerability exists in Bouncy Castle for Java (by Legion of the Bouncy Castle Inc.) that affects all API modules. The vulnerability allows attackers to cause excessive memory allocation through unbounded resource consumption, potentially leading to denial of service. The issue is located in the ASN1ObjectIdentifier.java file in the core module.

This issue affects Bouncy Castle for Java: from BC 1.0 through 1.77, from BC-FJA 1.0.0 through 2.0.0.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8885.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8885.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-8885
reference_id
reference_type
scores
0
value 0.00121
scoring_system epss
scoring_elements 0.30719
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-8885
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8885
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8885
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
5
reference_url https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java
6
reference_url https://github.com/bcgit/bc-java/commit/3790993df5d28f661a64439a8664343437ed3865
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/3790993df5d28f661a64439a8664343437ed3865
7
reference_url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908885
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T18:14:28Z/
url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908885
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2387790
reference_id 2387790
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2387790
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-8885
reference_id CVE-2025-8885
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-8885
10
reference_url https://github.com/advisories/GHSA-67mf-3cr5-8w23
reference_id GHSA-67mf-3cr5-8w23
reference_type
scores
url https://github.com/advisories/GHSA-67mf-3cr5-8w23
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.80-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2025-8885, GHSA-67mf-3cr5-8w23
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7jw5-6bfa-u7a4
6
url VCID-98ws-cchw-a3fe
vulnerability_id VCID-98ws-cchw-a3fe
summary 
Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.
An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29857.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29857.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-29857
reference_id
reference_type
scores
0
value 0.00252
scoring_system epss
scoring_elements 0.48752
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-29857
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29857
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29857
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/bcgit/bc-csharp/commit/56daa6eac526f165416d17f661422d60de0dfd63
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-csharp/commit/56daa6eac526f165416d17f661422d60de0dfd63
5
reference_url https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T19:32:50Z/
url https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857
6
reference_url https://github.com/bcgit/bc-java/commit/efc498ca4caa340ac2fe11f2efee06c1a294501f
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/efc498ca4caa340ac2fe11f2efee06c1a294501f
7
reference_url https://github.com/bcgit/bc-java/commit/fee80dd230e7fba132d03a34f1dd1d6aae0d0281
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/fee80dd230e7fba132d03a34f1dd1d6aae0d0281
8
reference_url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T19:32:50Z/
url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857
9
reference_url https://security.netapp.com/advisory/ntap-20241206-0008
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20241206-0008
10
reference_url https://www.bouncycastle.org/latest_releases.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T19:32:50Z/
url https://www.bouncycastle.org/latest_releases.html
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655
reference_id 1070655
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2293028
reference_id 2293028
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2293028
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-29857
reference_id CVE-2024-29857
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-29857
14
reference_url https://github.com/advisories/GHSA-8xfc-gm6g-vgpv
reference_id GHSA-8xfc-gm6g-vgpv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8xfc-gm6g-vgpv
15
reference_url https://access.redhat.com/errata/RHSA-2024:4271
reference_id RHSA-2024:4271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4271
16
reference_url https://access.redhat.com/errata/RHSA-2024:4326
reference_id RHSA-2024:4326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4326
17
reference_url https://access.redhat.com/errata/RHSA-2024:4505
reference_id RHSA-2024:4505
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4505
18
reference_url https://access.redhat.com/errata/RHSA-2024:5479
reference_id RHSA-2024:5479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5479
19
reference_url https://access.redhat.com/errata/RHSA-2024:5481
reference_id RHSA-2024:5481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5481
20
reference_url https://access.redhat.com/errata/RHSA-2024:5482
reference_id RHSA-2024:5482
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5482
21
reference_url https://usn.ubuntu.com/8108-1/
reference_id USN-8108-1
reference_type
scores
url https://usn.ubuntu.com/8108-1/
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.80-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2024-29857, GHSA-8xfc-gm6g-vgpv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-98ws-cchw-a3fe
7
url VCID-ah8x-azmn-zbgq
vulnerability_id VCID-ah8x-azmn-zbgq
summary Bouncy Castle in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information via a crafted application, aka internal bug 24106146.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6644.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6644.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-6644
reference_id
reference_type
scores
0
value 0.00184
scoring_system epss
scoring_elements 0.39842
published_at 2026-06-04T12:55:00Z
1
value 0.00184
scoring_system epss
scoring_elements 0.39926
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-6644
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6644
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6644
3
reference_url https://github.com/bcgit/bc-java/commit/25aca54734b861ef109ac4943c4a5f98c0c1b885
reference_id
reference_type
scores
url https://github.com/bcgit/bc-java/commit/25aca54734b861ef109ac4943c4a5f98c0c1b885
4
reference_url https://github.com/bcgit/bc-java/commit/2d80e6cc6f5b78e159dba3277414e3bfea511dea
reference_id
reference_type
scores
url https://github.com/bcgit/bc-java/commit/2d80e6cc6f5b78e159dba3277414e3bfea511dea
5
reference_url https://github.com/bcgit/bc-java/commit/874bab94a5baf426545948116cabe6f4ae338c20
reference_id
reference_type
scores
url https://github.com/bcgit/bc-java/commit/874bab94a5baf426545948116cabe6f4ae338c20
6
reference_url https://github.com/bcgit/bc-java/commit/9bc10bbaa9620d691c58e2b37f31f0d31ceea61f
reference_id
reference_type
scores
url https://github.com/bcgit/bc-java/commit/9bc10bbaa9620d691c58e2b37f31f0d31ceea61f
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1444015
reference_id 1444015
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1444015
8
reference_url https://usn.ubuntu.com/3727-1/
reference_id USN-3727-1
reference_type
scores
url https://usn.ubuntu.com/3727-1/
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.54-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.54-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.54-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2015-6644
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ah8x-azmn-zbgq
8
url VCID-bf8c-jrdf-mfaw
vulnerability_id VCID-bf8c-jrdf-mfaw
summary 
In Bouncy Castle JCE Provider the DHIES implementation allowed the use of ECB mode
In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2669
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2669
1
reference_url https://access.redhat.com/errata/RHSA-2018:2927
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2927
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000344.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000344.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1000344
reference_id
reference_type
scores
0
value 0.00388
scoring_system epss
scoring_elements 0.60269
published_at 2026-06-05T12:55:00Z
1
value 0.00388
scoring_system epss
scoring_elements 0.60223
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1000344
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000344
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000344
5
reference_url https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f
6
reference_url https://security.netapp.com/advisory/ntap-20181127-0004
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20181127-0004
7
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1588314
reference_id 1588314
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1588314
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1000344
reference_id CVE-2016-1000344
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-1000344
10
reference_url https://github.com/advisories/GHSA-2j2x-hx4g-2gf4
reference_id GHSA-2j2x-hx4g-2gf4
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-2j2x-hx4g-2gf4
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.56-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.56-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2016-1000344, GHSA-2j2x-hx4g-2gf4
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bf8c-jrdf-mfaw
9
url VCID-c558-uvxv-8fdf
vulnerability_id VCID-c558-uvxv-8fdf
summary 
Bouncy Castle Java Cryptography API vulnerable to DNS poisoning
An issue was discovered in the Bouncy Castle Crypto Package For Java before BC TLS Java 1.0.19 (ships with BC Java 1.78, BC Java (LTS) 2.73.6) and before BC FIPS TLS Java 1.0.19. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname (as happens with HttpsURLConnection), hostname verification could be performed against a DNS-resolved IP address in some situations, opening up a possibility of DNS poisoning.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34447.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34447.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-34447
reference_id
reference_type
scores
0
value 0.00141
scoring_system epss
scoring_elements 0.33992
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-34447
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34447
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34447
3
reference_url http://security.netapp.com/advisory/ntap-20240614-0007
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://security.netapp.com/advisory/ntap-20240614-0007
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
6
reference_url https://github.com/bcgit/bc-java/issues/1656
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/issues/1656
7
reference_url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9034447
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:10:40Z/
url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9034447
8
reference_url https://www.bouncycastle.org/latest_releases.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:10:40Z/
url https://www.bouncycastle.org/latest_releases.html
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655
reference_id 1070655
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2279227
reference_id 2279227
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2279227
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-34447
reference_id CVE-2024-34447
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-34447
12
reference_url https://github.com/advisories/GHSA-4h8f-2wvx-gg5w
reference_id GHSA-4h8f-2wvx-gg5w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4h8f-2wvx-gg5w
13
reference_url https://security.netapp.com/advisory/ntap-20240614-0007/
reference_id ntap-20240614-0007
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:10:40Z/
url https://security.netapp.com/advisory/ntap-20240614-0007/
14
reference_url https://access.redhat.com/errata/RHSA-2024:4271
reference_id RHSA-2024:4271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4271
15
reference_url https://access.redhat.com/errata/RHSA-2024:4326
reference_id RHSA-2024:4326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4326
16
reference_url https://usn.ubuntu.com/8108-1/
reference_id USN-8108-1
reference_type
scores
url https://usn.ubuntu.com/8108-1/
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.80-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2024-34447, GHSA-4h8f-2wvx-gg5w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c558-uvxv-8fdf
10
url VCID-cjnx-86t9-uufs
vulnerability_id VCID-cjnx-86t9-uufs
summary 
In Bouncy Castle JCE Provider the ECIES implementation allowed the use of ECB mode
In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2669
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2669
1
reference_url https://access.redhat.com/errata/RHSA-2018:2927
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2927
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000352.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000352.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1000352
reference_id
reference_type
scores
0
value 0.00388
scoring_system epss
scoring_elements 0.60269
published_at 2026-06-05T12:55:00Z
1
value 0.00388
scoring_system epss
scoring_elements 0.60223
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1000352
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000352
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000352
5
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
6
reference_url https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f
7
reference_url https://security.netapp.com/advisory/ntap-20181127-0004
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20181127-0004
8
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1588330
reference_id 1588330
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1588330
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1000352
reference_id CVE-2016-1000352
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-1000352
11
reference_url https://github.com/advisories/GHSA-w285-wf9q-5w69
reference_id GHSA-w285-wf9q-5w69
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-w285-wf9q-5w69
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.56-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.56-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2016-1000352, GHSA-w285-wf9q-5w69
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cjnx-86t9-uufs
11
url VCID-cnvy-kp5d-pkes
vulnerability_id VCID-cnvy-kp5d-pkes
summary 
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was AESFastEngine. Due to the highly table driven approach used in the algorithm it turns out that if the data channel on the CPU can be monitored the lookup table accesses are sufficient to leak information on the AES key being used. There was also a leak in AESEngine although it was substantially less. AESEngine has been modified to remove any signs of leakage (testing carried out on Intel X86-64) and is now the primary AES class for the BC JCE provider from 1.56. Use of AESFastEngine is now only recommended where otherwise deemed appropriate.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2669
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2669
1
reference_url https://access.redhat.com/errata/RHSA-2018:2927
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2927
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000339.json
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000339.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1000339
reference_id
reference_type
scores
0
value 0.01119
scoring_system epss
scoring_elements 0.78599
published_at 2026-06-05T12:55:00Z
1
value 0.01119
scoring_system epss
scoring_elements 0.78572
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1000339
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000339
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000339
5
reference_url https://github.com/bcgit/bc-java/commit/413b42f4d770456508585c830cfcde95f9b0e93b
reference_id
reference_type
scores
url https://github.com/bcgit/bc-java/commit/413b42f4d770456508585c830cfcde95f9b0e93b
6
reference_url https://github.com/bcgit/bc-java/commit/413b42f4d770456508585c830cfcde95f9b0e93b#diff-54656f860db94b867ba7542430cd2ef0
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/413b42f4d770456508585c830cfcde95f9b0e93b#diff-54656f860db94b867ba7542430cd2ef0
7
reference_url https://github.com/bcgit/bc-java/commit/8a73f08931450c17c749af067b6a8185abdfd2c0#diff-494fb066bed02aeb76b6c005632943f2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/8a73f08931450c17c749af067b6a8185abdfd2c0#diff-494fb066bed02aeb76b6c005632943f2
8
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html
9
reference_url https://security.netapp.com/advisory/ntap-20181127-0004
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20181127-0004
10
reference_url https://usn.ubuntu.com/3727-1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3727-1
11
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1588695
reference_id 1588695
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1588695
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1000339
reference_id CVE-2016-1000339
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-1000339
14
reference_url https://github.com/advisories/GHSA-c8xf-m4ff-jcxj
reference_id GHSA-c8xf-m4ff-jcxj
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-c8xf-m4ff-jcxj
15
reference_url https://usn.ubuntu.com/3727-1/
reference_id USN-3727-1
reference_type
scores
url https://usn.ubuntu.com/3727-1/
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.56-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.56-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2016-1000339, GHSA-c8xf-m4ff-jcxj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cnvy-kp5d-pkes
12
url VCID-cqfw-r4um-hyd6
vulnerability_id VCID-cqfw-r4um-hyd6
summary 
Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bcpkix, bcprov, bcpkix-fips on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files  https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertP... https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertPathReviewer.java ,  https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathRevi... https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.java .

This issue affects Bouncy Castle for Java: from BC 1.44 through 1.78, from BCPKIX FIPS 1.0.0 through 1.0.7, from BCPKIX FIPS 2.0.0 through 2.0.7.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8916.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8916.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-8916
reference_id
reference_type
scores
0
value 0.00092
scoring_system epss
scoring_elements 0.25901
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-8916
2
reference_url https://cert-portal.siemens.com/productcert/html/ssa-032379.html
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/html/ssa-032379.html
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8916
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8916
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
6
reference_url https://github.com/bcgit/bc-java/commit/310b30a4fbf36d13f6cc201ffa7771715641e67e
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/310b30a4fbf36d13f6cc201ffa7771715641e67e
7
reference_url https://github.com/bcgit/bc-java/commit/ff444a479942d88de64004dc82c3ee32a9e9075a
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/ff444a479942d88de64004dc82c3ee32a9e9075a
8
reference_url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908916
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T13:13:37Z/
url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908916
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2388195
reference_id 2388195
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2388195
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-8916
reference_id CVE-2025-8916
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-8916
11
reference_url https://github.com/advisories/GHSA-4cx2-fc23-5wg6
reference_id GHSA-4cx2-fc23-5wg6
reference_type
scores
url https://github.com/advisories/GHSA-4cx2-fc23-5wg6
12
reference_url https://usn.ubuntu.com/8108-1/
reference_id USN-8108-1
reference_type
scores
url https://usn.ubuntu.com/8108-1/
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.80-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2025-8916, GHSA-4cx2-fc23-5wg6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cqfw-r4um-hyd6
13
url VCID-crd1-k1qv-jkec
vulnerability_id VCID-crd1-k1qv-jkec
summary 
Observable Differences in Behavior to Error Inputs in Bouncy Castle
In Legion of the Bouncy Castle BC before 1.55 and BC-FJA before 1.0.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.crypto.encodings.OAEPEncoding. Sending invalid ciphertext that decrypts to a short payload in the OAEP Decoder could result in the throwing of an early exception, potentially leaking some information about the private exponent of the RSA private key performing the encryption.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26939
reference_id
reference_type
scores
0
value 0.02437
scoring_system epss
scoring_elements 0.85444
published_at 2026-06-04T12:55:00Z
1
value 0.02437
scoring_system epss
scoring_elements 0.85468
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26939
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26939
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26939
2
reference_url https://github.com/bcgit/bc-java/commit/930f8b274c4f1f3a46e68b5441f1e7fadb57e8c1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/930f8b274c4f1f3a46e68b5441f1e7fadb57e8c1
3
reference_url https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e@%3Cissues.solr.apache.org%3E
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e@%3Cissues.solr.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e%40%3Cissues.solr.apache.org%3E
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e%40%3Cissues.solr.apache.org%3E
5
reference_url https://lists.debian.org/debian-lts-announce/2020/11/msg00007.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/11/msg00007.html
6
reference_url https://security.netapp.com/advisory/ntap-20201202-0005
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20201202-0005
7
reference_url https://github.com/bcgit/bc-java/wiki/CVE-2020-26939
reference_id CVE-2020-26939
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/wiki/CVE-2020-26939
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-26939
reference_id CVE-2020-26939
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-26939
9
reference_url https://github.com/advisories/GHSA-72m5-fvvv-55m6
reference_id GHSA-72m5-fvvv-55m6
reference_type
scores
url https://github.com/advisories/GHSA-72m5-fvvv-55m6
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.61-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.61-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.61-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2020-26939, GHSA-72m5-fvvv-55m6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-crd1-k1qv-jkec
14
url VCID-f47r-4t52-3bgq
vulnerability_id VCID-f47r-4t52-3bgq
summary 
This advisory has been marked as False-Positive and removed
An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30172.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30172.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-30172
reference_id
reference_type
scores
0
value 0.00091
scoring_system epss
scoring_elements 0.25766
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-30172
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30172
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30172
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030172
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030172
5
reference_url https://github.com/bcgit/bc-java/commit/1b9fd9b545e691bfb3941a9f6a797660c8860f02
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/1b9fd9b545e691bfb3941a9f6a797660c8860f02
6
reference_url https://github.com/bcgit/bc-java/commit/9c165791b68a204678b48ec11e4e579754c2ea49
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/9c165791b68a204678b48ec11e4e579754c2ea49
7
reference_url https://github.com/bcgit/bc-java/commit/ebe1c75579170072dc59b8dee2b55ce31663178f
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/ebe1c75579170072dc59b8dee2b55ce31663178f
8
reference_url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030172
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030172
9
reference_url https://security.netapp.com/advisory/ntap-20240614-0007
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240614-0007
10
reference_url https://www.bouncycastle.org/latest_releases.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-05T13:44:28Z/
url https://www.bouncycastle.org/latest_releases.html
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655
reference_id 1070655
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2293025
reference_id 2293025
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2293025
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-30172
reference_id CVE-2024-30172
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-30172
14
reference_url https://github.com/advisories/GHSA-m44j-cfrm-g8qc
reference_id GHSA-m44j-cfrm-g8qc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m44j-cfrm-g8qc
15
reference_url https://security.netapp.com/advisory/ntap-20240614-0007/
reference_id ntap-20240614-0007
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-05T13:44:28Z/
url https://security.netapp.com/advisory/ntap-20240614-0007/
16
reference_url https://access.redhat.com/errata/RHSA-2024:4271
reference_id RHSA-2024:4271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4271
17
reference_url https://access.redhat.com/errata/RHSA-2024:4326
reference_id RHSA-2024:4326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4326
18
reference_url https://access.redhat.com/errata/RHSA-2024:4505
reference_id RHSA-2024:4505
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4505
19
reference_url https://access.redhat.com/errata/RHSA-2024:5479
reference_id RHSA-2024:5479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5479
20
reference_url https://access.redhat.com/errata/RHSA-2024:5481
reference_id RHSA-2024:5481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5481
21
reference_url https://access.redhat.com/errata/RHSA-2024:5482
reference_id RHSA-2024:5482
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5482
22
reference_url https://usn.ubuntu.com/8108-1/
reference_id USN-8108-1
reference_type
scores
url https://usn.ubuntu.com/8108-1/
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.80-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2024-30172, GHSA-m44j-cfrm-g8qc
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f47r-4t52-3bgq
15
url VCID-fdgv-77kb-ybat
vulnerability_id VCID-fdgv-77kb-ybat
summary 
This advisory has been marked as False-Positive and removed
An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30171.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30171.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-30171
reference_id
reference_type
scores
0
value 0.00139
scoring_system epss
scoring_elements 0.33695
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-30171
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30171
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30171
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/bcgit/bc-csharp/commit/c984b8bfd8544dfc55dba91a02cbbbb9c580c217
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-csharp/commit/c984b8bfd8544dfc55dba91a02cbbbb9c580c217
5
reference_url https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030171
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:18:15Z/
url https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030171
6
reference_url https://github.com/bcgit/bc-java/commit/d7d5e735abd64bf0f413f54fd9e495fc02400fb0
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/d7d5e735abd64bf0f413f54fd9e495fc02400fb0
7
reference_url https://github.com/bcgit/bc-java/commit/e0569dcb1dea9d421d84fc4c5c5688fe101afa2d
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/e0569dcb1dea9d421d84fc4c5c5688fe101afa2d
8
reference_url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030171
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:18:15Z/
url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030171
9
reference_url https://security.netapp.com/advisory/ntap-20240614-0008
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240614-0008
10
reference_url https://www.bouncycastle.org/latest_releases.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:18:15Z/
url https://www.bouncycastle.org/latest_releases.html
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655
reference_id 1070655
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2276360
reference_id 2276360
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2276360
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-30171
reference_id CVE-2024-30171
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-30171
14
reference_url https://github.com/advisories/GHSA-v435-xc8x-wvr9
reference_id GHSA-v435-xc8x-wvr9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v435-xc8x-wvr9
15
reference_url https://security.netapp.com/advisory/ntap-20240614-0008/
reference_id ntap-20240614-0008
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:18:15Z/
url https://security.netapp.com/advisory/ntap-20240614-0008/
16
reference_url https://access.redhat.com/errata/RHSA-2024:4173
reference_id RHSA-2024:4173
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4173
17
reference_url https://access.redhat.com/errata/RHSA-2024:4271
reference_id RHSA-2024:4271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4271
18
reference_url https://access.redhat.com/errata/RHSA-2024:4326
reference_id RHSA-2024:4326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4326
19
reference_url https://access.redhat.com/errata/RHSA-2024:4505
reference_id RHSA-2024:4505
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4505
20
reference_url https://access.redhat.com/errata/RHSA-2024:5479
reference_id RHSA-2024:5479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5479
21
reference_url https://access.redhat.com/errata/RHSA-2024:5481
reference_id RHSA-2024:5481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5481
22
reference_url https://access.redhat.com/errata/RHSA-2024:5482
reference_id RHSA-2024:5482
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5482
23
reference_url https://usn.ubuntu.com/8108-1/
reference_id USN-8108-1
reference_type
scores
url https://usn.ubuntu.com/8108-1/
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.80-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2024-30171, GHSA-v435-xc8x-wvr9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fdgv-77kb-ybat
16
url VCID-gf2f-22xn-z7fq
vulnerability_id VCID-gf2f-22xn-z7fq
summary 
Improper Input Validation in Bouncy Castle
The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
references
0
reference_url http://openwall.com/lists/oss-security/2013/02/05/24
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2013/02/05/24
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-0371.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0371.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2014-0372.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0372.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1624.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1624.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1624
reference_id
reference_type
scores
0
value 0.00387
scoring_system epss
scoring_elements 0.60135
published_at 2026-06-04T12:55:00Z
1
value 0.00387
scoring_system epss
scoring_elements 0.60182
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1624
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1624
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1624
6
reference_url http://secunia.com/advisories/57716
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/57716
7
reference_url http://secunia.com/advisories/57719
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/57719
8
reference_url http://www.isg.rhul.ac.uk/tls/TLStiming.pdf
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.isg.rhul.ac.uk/tls/TLStiming.pdf
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699885
reference_id 699885
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699885
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=908428
reference_id 908428
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=908428
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-1624
reference_id CVE-2013-1624
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-1624
12
reference_url https://github.com/advisories/GHSA-8353-fgcr-xfhx
reference_id GHSA-8353-fgcr-xfhx
reference_type
scores
url https://github.com/advisories/GHSA-8353-fgcr-xfhx
13
reference_url https://access.redhat.com/errata/RHSA-2014:0400
reference_id RHSA-2014:0400
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0400
14
reference_url https://access.redhat.com/errata/RHSA-2014:0401
reference_id RHSA-2014:0401
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0401
15
reference_url https://access.redhat.com/errata/RHSA-2014:0896
reference_id RHSA-2014:0896
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0896
16
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.48%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.48%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.48%252Bdfsg-2%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2013-1624, GHSA-8353-fgcr-xfhx
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gf2f-22xn-z7fq
17
url VCID-hkej-a1pn-2kh3
vulnerability_id VCID-hkej-a1pn-2kh3
summary 
Improper Validation of Integrity Check Value
The default BKS keystore use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS keystore. Bouncy Castle release 1.47 changes the BKS format to a format which uses a 160 bit HMAC instead. This applies to any BKS keystore generated prior to BC 1.47. For situations where people need to create the files for legacy reasons a specific keystore type "BKS-V1" was introduced in 1.49. It should be noted that the use of "BKS-V1" is discouraged by the library authors and should only be used where it is otherwise safe to do so, as in where the use of a 16 bit checksum for the file integrity check is not going to cause a security issue in itself.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2927
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2927
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5382.json
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5382.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-5382
reference_id
reference_type
scores
0
value 0.00153
scoring_system epss
scoring_elements 0.35753
published_at 2026-06-05T12:55:00Z
1
value 0.00153
scoring_system epss
scoring_elements 0.3565
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-5382
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5382
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5382
4
reference_url https://github.com/bcgit/bc-java/commit/81b00861cd5711e85fe8dce2a0e119f684120255
reference_id
reference_type
scores
url https://github.com/bcgit/bc-java/commit/81b00861cd5711e85fe8dce2a0e119f684120255
5
reference_url https://www.bouncycastle.org/releasenotes.html
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.bouncycastle.org/releasenotes.html
6
reference_url https://www.kb.cert.org/vuls/id/306792
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.kb.cert.org/vuls/id/306792
7
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
8
reference_url http://www.securityfocus.com/bid/103453
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/103453
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1563749
reference_id 1563749
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1563749
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-5382
reference_id CVE-2018-5382
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-5382
11
reference_url https://github.com/advisories/GHSA-8477-3v39-ggpm
reference_id GHSA-8477-3v39-ggpm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8477-3v39-ggpm
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.48%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.48%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.48%252Bdfsg-2%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2018-5382, GHSA-8477-3v39-ggpm
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hkej-a1pn-2kh3
18
url VCID-k31z-bskx-uuc9
vulnerability_id VCID-k31z-bskx-uuc9
summary 
Bouncy Castle has a flaw in the Low-level interface to RSA key pair generator
Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 beta 4 and later, BC-FJA 1.0.2 and later.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2423
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2423
1
reference_url https://access.redhat.com/errata/RHSA-2018:2424
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2424
2
reference_url https://access.redhat.com/errata/RHSA-2018:2425
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2425
3
reference_url https://access.redhat.com/errata/RHSA-2018:2428
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2428
4
reference_url https://access.redhat.com/errata/RHSA-2018:2643
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2643
5
reference_url https://access.redhat.com/errata/RHSA-2018:2669
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2669
6
reference_url https://access.redhat.com/errata/RHSA-2019:0877
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:0877
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000180.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000180.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000180
reference_id
reference_type
scores
0
value 0.0031
scoring_system epss
scoring_elements 0.54514
published_at 2026-06-05T12:55:00Z
1
value 0.00319
scoring_system epss
scoring_elements 0.55201
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000180
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000180
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000180
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/bcgit/bc-java/commit/22467b6e8fe19717ecdf201c0cf91bacf04a55ad
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/22467b6e8fe19717ecdf201c0cf91bacf04a55ad
12
reference_url https://github.com/bcgit/bc-java/commit/73780ac522b7795fc165630aba8d5f5729acc839
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/73780ac522b7795fc165630aba8d5f5729acc839
13
reference_url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
14
reference_url https://security.netapp.com/advisory/ntap-20190204-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190204-0003
15
reference_url https://www.bountysource.com/issues/58293083-rsa-key-generation-computation-of-iterations-for-mr-primality-test
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.bountysource.com/issues/58293083-rsa-key-generation-computation-of-iterations-for-mr-primality-test
16
reference_url https://www.debian.org/security/2018/dsa-4233
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4233
17
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2020.html
18
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
19
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
20
reference_url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
21
reference_url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
22
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
23
reference_url http://www.securityfocus.com/bid/106567
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/106567
24
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1588306
reference_id 1588306
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1588306
25
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900843
reference_id 900843
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900843
26
reference_url https://github.com/bcgit/bc-java/wiki/CVE-2018-1000180
reference_id CVE-2018-1000180
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/wiki/CVE-2018-1000180
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1000180
reference_id CVE-2018-1000180
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1000180
28
reference_url https://github.com/advisories/GHSA-xqj7-j8j5-f2xr
reference_id GHSA-xqj7-j8j5-f2xr
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-xqj7-j8j5-f2xr
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.59-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.59-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.59-2%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2018-1000180, GHSA-xqj7-j8j5-f2xr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k31z-bskx-uuc9
19
url VCID-q8ux-tmpf-sue2
vulnerability_id VCID-q8ux-tmpf-sue2
summary 
Observable Discrepancy
BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable application. This vulnerability is referred to as "ROBOT."
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00011.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00011.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13098.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13098.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-13098
reference_id
reference_type
scores
0
value 0.68141
scoring_system epss
scoring_elements 0.98616
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-13098
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13098
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13098
4
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
5
reference_url https://github.com/bcgit/bc-java/commit/a00b684465b38d722ca9a3543b8af8568e6bad5c
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/a00b684465b38d722ca9a3543b8af8568e6bad5c
6
reference_url https://robotattack.org
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://robotattack.org
7
reference_url https://robotattack.org/
reference_id
reference_type
scores
url https://robotattack.org/
8
reference_url https://security.netapp.com/advisory/ntap-20171222-0001
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20171222-0001
9
reference_url https://security.netapp.com/advisory/ntap-20171222-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20171222-0001/
10
reference_url https://www.debian.org/security/2017/dsa-4072
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2017/dsa-4072
11
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
12
reference_url http://www.kb.cert.org/vuls/id/144389
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.kb.cert.org/vuls/id/144389
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1525528
reference_id 1525528
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1525528
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884241
reference_id 884241
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884241
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-13098
reference_id CVE-2017-13098
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-13098
16
reference_url https://github.com/advisories/GHSA-wrwf-pmmj-w989
reference_id GHSA-wrwf-pmmj-w989
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wrwf-pmmj-w989
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.58-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.58-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.58-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2017-13098, GHSA-wrwf-pmmj-w989
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q8ux-tmpf-sue2
20
url VCID-qap8-a94t-3yac
vulnerability_id VCID-qap8-a94t-3yac
summary 
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack."
references
0
reference_url http://git.bouncycastle.org/repositories/bc-java/commit/5cb2f0578e6ec8f0d67e59d05d8c4704d8e05f83
reference_id
reference_type
scores
url http://git.bouncycastle.org/repositories/bc-java/commit/5cb2f0578e6ec8f0d67e59d05d8c4704d8e05f83
1
reference_url http://git.bouncycastle.org/repositories/bc-java/commit/e25e94a046a6934819133886439984e2fecb2b04
reference_id
reference_type
scores
url http://git.bouncycastle.org/repositories/bc-java/commit/e25e94a046a6934819133886439984e2fecb2b04
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174915.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174915.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00012.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00012.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2016-2035.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2035.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2016-2036.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2036.html
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7940.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7940.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-7940
reference_id
reference_type
scores
0
value 0.00972
scoring_system epss
scoring_elements 0.76976
published_at 2026-06-04T12:55:00Z
1
value 0.00972
scoring_system epss
scoring_elements 0.77008
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-7940
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7940
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7940
9
reference_url https://usn.ubuntu.com/3727-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3727-1
10
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2020.html
11
reference_url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
12
reference_url http://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html
13
reference_url http://www.debian.org/security/2015/dsa-3417
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3417
14
reference_url http://www.openwall.com/lists/oss-security/2015/10/22/7
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2015/10/22/7
15
reference_url http://www.openwall.com/lists/oss-security/2015/10/22/9
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2015/10/22/9
16
reference_url http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
17
reference_url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
18
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
19
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
20
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
21
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
22
reference_url http://www.securityfocus.com/bid/79091
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/79091
23
reference_url http://www.securitytracker.com/id/1037036
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1037036
24
reference_url http://www.securitytracker.com/id/1037046
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1037046
25
reference_url http://www.securitytracker.com/id/1037053
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1037053
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1276272
reference_id 1276272
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1276272
27
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802671
reference_id 802671
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802671
28
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-7940
reference_id CVE-2015-7940
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-7940
29
reference_url https://github.com/advisories/GHSA-4mv7-cq75-3qjm
reference_id GHSA-4mv7-cq75-3qjm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-4mv7-cq75-3qjm
30
reference_url https://access.redhat.com/errata/RHSA-2016:2035
reference_id RHSA-2016:2035
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2035
31
reference_url https://access.redhat.com/errata/RHSA-2016:2036
reference_id RHSA-2016:2036
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2036
32
reference_url https://usn.ubuntu.com/3727-1/
reference_id USN-3727-1
reference_type
scores
url https://usn.ubuntu.com/3727-1/
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.51-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.51-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.51-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2015-7940, GHSA-4mv7-cq75-3qjm
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qap8-a94t-3yac
21
url VCID-qe69-rd9d-4kgg
vulnerability_id VCID-qe69-rd9d-4kgg
summary authentication bypass
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28052.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28052.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-28052
reference_id
reference_type
scores
0
value 0.04099
scoring_system epss
scoring_elements 0.88804
published_at 2026-06-05T12:55:00Z
1
value 0.04099
scoring_system epss
scoring_elements 0.88787
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-28052
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28052
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28052
3
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
4
reference_url https://github.com/bcgit/bc-java/commit/97578f9b7ed277e6ecb58834e85e3d18385a4219
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/97578f9b7ed277e6ecb58834e85e3d18385a4219
5
reference_url https://lists.apache.org/thread.html/r167dbc42ef7c59802c2ca1ac14735ef9cf687c25208229993d6206fe@%3Cissues.karaf.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r167dbc42ef7c59802c2ca1ac14735ef9cf687c25208229993d6206fe@%3Cissues.karaf.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/r175f5a25d100dbe2b1bd3459b3ce882a84c3ff91b120ed4ff2d57b53@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r175f5a25d100dbe2b1bd3459b3ce882a84c3ff91b120ed4ff2d57b53@%3Ccommits.pulsar.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r25d53acd06f29244b8a103781b0339c5e7efee9099a4d52f0c230e4a@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r25d53acd06f29244b8a103781b0339c5e7efee9099a4d52f0c230e4a@%3Ccommits.druid.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r2ddabd06d94b60cfb0141e4abb23201c628ab925e30742f61a04d013@%3Cissues.karaf.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r2ddabd06d94b60cfb0141e4abb23201c628ab925e30742f61a04d013@%3Cissues.karaf.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r30a139c165b3da6e0d5536434ab1550534011b1fdfcd2f5d95892c5b@%3Cissues.karaf.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r30a139c165b3da6e0d5536434ab1550534011b1fdfcd2f5d95892c5b@%3Cissues.karaf.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r37d332c0bf772f4982d1fdeeb2f88dd71dab6451213e69e43734eadc@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r37d332c0bf772f4982d1fdeeb2f88dd71dab6451213e69e43734eadc@%3Ccommits.pulsar.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r4e1619cfefcd031fac62064a3858f5c9229eef907bd5d8ef14c594fc@%3Cissues.karaf.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r4e1619cfefcd031fac62064a3858f5c9229eef907bd5d8ef14c594fc@%3Cissues.karaf.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r77af3ac7c3bfbd5454546e13faf7aec21d627bdcf36c9ca240436b94@%3Cissues.karaf.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r77af3ac7c3bfbd5454546e13faf7aec21d627bdcf36c9ca240436b94@%3Cissues.karaf.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e@%3Cissues.solr.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e@%3Cissues.solr.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r954d80fd18e9dafef6e813963eb7e08c228151c2b6268ecd63b35d1f@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r954d80fd18e9dafef6e813963eb7e08c228151c2b6268ecd63b35d1f@%3Ccommits.druid.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rc9e441c1576bdc4375d32526d5cf457226928e9c87b9f54ded26271c@%3Cissues.karaf.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc9e441c1576bdc4375d32526d5cf457226928e9c87b9f54ded26271c@%3Cissues.karaf.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rcd37d9214b08067a2e8f2b5b4fd123a1f8cb6008698d11ef44028c21@%3Cissues.karaf.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rcd37d9214b08067a2e8f2b5b4fd123a1f8cb6008698d11ef44028c21@%3Cissues.karaf.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rdcbad6d8ce72c79827ed8c635f9a62dd919bb21c94a0b64cab2efc31@%3Cissues.karaf.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rdcbad6d8ce72c79827ed8c635f9a62dd919bb21c94a0b64cab2efc31@%3Cissues.karaf.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/rddd2237b8636a48d573869006ee809262525efb2b6ffa6eff50d2a2d@%3Cjira.kafka.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rddd2237b8636a48d573869006ee809262525efb2b6ffa6eff50d2a2d@%3Cjira.kafka.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/rdfd2901b8b697a3f6e2c9c6ecc688fd90d7f881937affb5144d61d6e@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rdfd2901b8b697a3f6e2c9c6ecc688fd90d7f881937affb5144d61d6e@%3Ccommits.druid.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/rf9abfc0223747a56694825c050cc6b66627a293a32ea926b3de22402@%3Cissues.karaf.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf9abfc0223747a56694825c050cc6b66627a293a32ea926b3de22402@%3Cissues.karaf.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/rfc0db1f3c375087e69a239f9284ded72d04fbb55849eadde58fa9dc2@%3Cissues.karaf.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfc0db1f3c375087e69a239f9284ded72d04fbb55849eadde58fa9dc2@%3Cissues.karaf.apache.org%3E
22
reference_url https://www.bouncycastle.org/releasenotes.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.bouncycastle.org/releasenotes.html
23
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
24
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
25
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2022.html
26
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com//security-alerts/cpujul2021.html
27
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
28
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
29
reference_url https://www.synopsys.com/blogs/software-security/cve-2020-28052-bouncy-castle
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.synopsys.com/blogs/software-security/cve-2020-28052-bouncy-castle
30
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1912881
reference_id 1912881
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1912881
31
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977683
reference_id 977683
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977683
32
reference_url https://security.archlinux.org/AVG-1372
reference_id AVG-1372
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1372
33
reference_url https://github.com/bcgit/bc-java/wiki/CVE-2020-28052
reference_id CVE-2020-28052
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/wiki/CVE-2020-28052
34
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-28052
reference_id CVE-2020-28052
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-28052
35
reference_url https://www.synopsys.com/blogs/software-security/cve-2020-28052-bouncy-castle/
reference_id CVE-2020-28052-BOUNCY-CASTLE
reference_type
scores
url https://www.synopsys.com/blogs/software-security/cve-2020-28052-bouncy-castle/
36
reference_url https://github.com/advisories/GHSA-73xv-w5gp-frxh
reference_id GHSA-73xv-w5gp-frxh
reference_type
scores
url https://github.com/advisories/GHSA-73xv-w5gp-frxh
37
reference_url https://access.redhat.com/errata/RHSA-2021:0872
reference_id RHSA-2021:0872
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0872
38
reference_url https://access.redhat.com/errata/RHSA-2021:0873
reference_id RHSA-2021:0873
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0873
39
reference_url https://access.redhat.com/errata/RHSA-2021:0874
reference_id RHSA-2021:0874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0874
40
reference_url https://access.redhat.com/errata/RHSA-2021:0885
reference_id RHSA-2021:0885
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0885
41
reference_url https://access.redhat.com/errata/RHSA-2021:0974
reference_id RHSA-2021:0974
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0974
42
reference_url https://access.redhat.com/errata/RHSA-2021:1401
reference_id RHSA-2021:1401
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1401
43
reference_url https://access.redhat.com/errata/RHSA-2021:2210
reference_id RHSA-2021:2210
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2210
44
reference_url https://access.redhat.com/errata/RHSA-2021:2755
reference_id RHSA-2021:2755
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2755
45
reference_url https://access.redhat.com/errata/RHSA-2021:3140
reference_id RHSA-2021:3140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3140
46
reference_url https://access.redhat.com/errata/RHSA-2021:3205
reference_id RHSA-2021:3205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3205
47
reference_url https://access.redhat.com/errata/RHSA-2021:4767
reference_id RHSA-2021:4767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4767
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.65-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.65-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.65-2%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2020-28052, GHSA-73xv-w5gp-frxh
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qe69-rd9d-4kgg
22
url VCID-rh2m-yftg-7uc9
vulnerability_id VCID-rh2m-yftg-7uc9
summary 
The Bouncy Castle JCE Provider carry a propagation bug
In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propagation bug was introduced in the implementation of squaring for several raw math classes have been fixed (org.bouncycastle.math.raw.Nat???). These classes are used by our custom elliptic curve implementations (org.bouncycastle.math.ec.custom.**), so there was the possibility of rare (in general usage) spurious calculations for elliptic curve scalar multiplications. Such errors would have been detected with high probability by the output validation for our scalar multipliers.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2669
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2669
1
reference_url https://access.redhat.com/errata/RHSA-2018:2927
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2927
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000340.json
reference_id
reference_type
scores
0
value 2.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000340.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1000340
reference_id
reference_type
scores
0
value 0.00397
scoring_system epss
scoring_elements 0.60929
published_at 2026-06-05T12:55:00Z
1
value 0.00397
scoring_system epss
scoring_elements 0.6088
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1000340
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000340
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000340
5
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
6
reference_url https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00
reference_id
reference_type
scores
url https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00
7
reference_url https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00#diff-e5934feac8203ca0104ab291a3560a31
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00#diff-e5934feac8203ca0104ab291a3560a31
8
reference_url https://security.netapp.com/advisory/ntap-20181127-0004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20181127-0004
9
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1588688
reference_id 1588688
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1588688
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1000340
reference_id CVE-2016-1000340
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-1000340
12
reference_url https://github.com/advisories/GHSA-r97x-3g8f-gx3m
reference_id GHSA-r97x-3g8f-gx3m
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-r97x-3g8f-gx3m
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.56-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.56-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2016-1000340, GHSA-r97x-3g8f-gx3m
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rh2m-yftg-7uc9
23
url VCID-s4tz-g6jv-7ub4
vulnerability_id VCID-s4tz-g6jv-7ub4
summary 
Improper Certificate Validation
Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject Name into an LDAP search filter without any escaping, which leads to an LDAP injection vulnerability.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33201.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33201.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-33201
reference_id
reference_type
scores
0
value 0.00326
scoring_system epss
scoring_elements 0.55885
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-33201
2
reference_url https://bouncycastle.org
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:47:56Z/
url https://bouncycastle.org
3
reference_url https://bouncycastle.org/releasenotes.html#r1rv74
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bouncycastle.org/releasenotes.html#r1rv74
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33201
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33201
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
7
reference_url https://github.com/bcgit/bc-java/commit/ccf93ca736b89250ff4ce079a5aa56f5cbf0ebbd
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/ccf93ca736b89250ff4ce079a5aa56f5cbf0ebbd
8
reference_url https://github.com/bcgit/bc-java/commit/e8c409a8389c815ea3fda5e8b94c92fdfe583bcc
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:47:56Z/
url https://github.com/bcgit/bc-java/commit/e8c409a8389c815ea3fda5e8b94c92fdfe583bcc
9
reference_url https://github.com/bcgit/bc-java/commits/main/prov/src/main/java/org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commits/main/prov/src/main/java/org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java
10
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00000.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:47:56Z/
url https://lists.debian.org/debian-lts-announce/2023/08/msg00000.html
11
reference_url https://security.netapp.com/advisory/ntap-20230824-0008
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230824-0008
12
reference_url https://security.netapp.com/advisory/ntap-20230824-0008/
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:47:56Z/
url https://security.netapp.com/advisory/ntap-20230824-0008/
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040050
reference_id 1040050
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040050
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2215465
reference_id 2215465
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2215465
15
reference_url https://github.com/bcgit/bc-java/wiki/CVE-2023-33201
reference_id CVE-2023-33201
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:47:56Z/
url https://github.com/bcgit/bc-java/wiki/CVE-2023-33201
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-33201
reference_id CVE-2023-33201
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-33201
17
reference_url https://github.com/advisories/GHSA-hr8g-6v94-x4m9
reference_id GHSA-hr8g-6v94-x4m9
reference_type
scores
url https://github.com/advisories/GHSA-hr8g-6v94-x4m9
18
reference_url https://access.redhat.com/errata/RHSA-2023:5147
reference_id RHSA-2023:5147
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5147
19
reference_url https://access.redhat.com/errata/RHSA-2023:5165
reference_id RHSA-2023:5165
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5165
20
reference_url https://access.redhat.com/errata/RHSA-2023:7482
reference_id RHSA-2023:7482
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7482
21
reference_url https://access.redhat.com/errata/RHSA-2023:7483
reference_id RHSA-2023:7483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7483
22
reference_url https://access.redhat.com/errata/RHSA-2023:7484
reference_id RHSA-2023:7484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7484
23
reference_url https://access.redhat.com/errata/RHSA-2023:7486
reference_id RHSA-2023:7486
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7486
24
reference_url https://access.redhat.com/errata/RHSA-2023:7488
reference_id RHSA-2023:7488
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7488
25
reference_url https://access.redhat.com/errata/RHSA-2023:7669
reference_id RHSA-2023:7669
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7669
26
reference_url https://access.redhat.com/errata/RHSA-2023:7678
reference_id RHSA-2023:7678
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7678
27
reference_url https://access.redhat.com/errata/RHSA-2024:0278
reference_id RHSA-2024:0278
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0278
28
reference_url https://usn.ubuntu.com/8108-1/
reference_id USN-8108-1
reference_type
scores
url https://usn.ubuntu.com/8108-1/
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.77-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.77-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.77-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2023-33201, GHSA-hr8g-6v94-x4m9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s4tz-g6jv-7ub4
24
url VCID-sxxg-bjnq-2kf7
vulnerability_id VCID-sxxg-bjnq-2kf7
summary 
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
In the Bouncy Castle JCE Provider version 1.55 and earlier DSA signature generation is vulnerable to timing attack. Where timings can be closely observed for the generation of signatures, the lack of blinding in 1.55, or earlier, may allow an attacker to gain information about the signature's k value and ultimately the private value as well.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2669
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2669
1
reference_url https://access.redhat.com/errata/RHSA-2018:2927
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2927
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000341.json
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000341.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1000341
reference_id
reference_type
scores
0
value 0.00802
scoring_system epss
scoring_elements 0.74477
published_at 2026-06-05T12:55:00Z
1
value 0.00802
scoring_system epss
scoring_elements 0.74445
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1000341
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000341
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000341
5
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
6
reference_url https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa
reference_id
reference_type
scores
url https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa
7
reference_url https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa#diff-e75226a9ca49217a7276b29242ec59ce
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa#diff-e75226a9ca49217a7276b29242ec59ce
8
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html
9
reference_url https://security.netapp.com/advisory/ntap-20181127-0004
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20181127-0004
10
reference_url https://usn.ubuntu.com/3727-1
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3727-1
11
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1588708
reference_id 1588708
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1588708
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1000341
reference_id CVE-2016-1000341
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-1000341
14
reference_url https://github.com/advisories/GHSA-r9ch-m4fh-fc7q
reference_id GHSA-r9ch-m4fh-fc7q
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-r9ch-m4fh-fc7q
15
reference_url https://usn.ubuntu.com/3727-1/
reference_id USN-3727-1
reference_type
scores
url https://usn.ubuntu.com/3727-1/
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.56-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.56-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2016-1000341, GHSA-r9ch-m4fh-fc7q
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sxxg-bjnq-2kf7
25
url VCID-tnhc-zz9x-6be3
vulnerability_id VCID-tnhc-zz9x-6be3
summary 
Allocation of Resources Without Limits or Throttling
The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in 1.64.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-17359
reference_id
reference_type
scores
0
value 0.03238
scoring_system epss
scoring_elements 0.8736
published_at 2026-06-05T12:55:00Z
1
value 0.03325
scoring_system epss
scoring_elements 0.87505
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-17359
1
reference_url https://lists.apache.org/thread.html/r02f887807a49cfd1f1ad53f7a61f3f8e12f60ba2c930bec163031209@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r02f887807a49cfd1f1ad53f7a61f3f8e12f60ba2c930bec163031209@%3Ccommits.tomee.apache.org%3E
2
reference_url https://lists.apache.org/thread.html/r16c3a90cb35ae8a9c74fd5c813c16d6ac255709c9f9d71cd409e007d@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r16c3a90cb35ae8a9c74fd5c813c16d6ac255709c9f9d71cd409e007d@%3Ccommits.tomee.apache.org%3E
3
reference_url https://lists.apache.org/thread.html/r467ade3fef3493f1fff1a68a256d087874e1f858ad1de7a49fe05d27@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r467ade3fef3493f1fff1a68a256d087874e1f858ad1de7a49fe05d27@%3Ccommits.tomee.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/r4d475dcaf4f57115fa57d8e06c3823ca398b35468429e7946ebaefdc@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r4d475dcaf4f57115fa57d8e06c3823ca398b35468429e7946ebaefdc@%3Ccommits.tomee.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/r79b6a6aa0dd1aeb57bd253d94794bc96f1ec005953c4bd5414cc0db0@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r79b6a6aa0dd1aeb57bd253d94794bc96f1ec005953c4bd5414cc0db0@%3Ccommits.tomee.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/r8ecb5b76347f84b6e3c693f980dbbead88c25f77b815053c4e6f2c30@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8ecb5b76347f84b6e3c693f980dbbead88c25f77b815053c4e6f2c30@%3Ccommits.tomee.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r91b07985b1307390a58c5b9707f0b28ef8e9c9e1c86670459f20d601@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r91b07985b1307390a58c5b9707f0b28ef8e9c9e1c86670459f20d601@%3Ccommits.tomee.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/re60f980c092ada4bfe236dcfef8b6ca3e8f3b150fc0f51b8cc13d59d@%3Ccommits.tomee.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re60f980c092ada4bfe236dcfef8b6ca3e8f3b150fc0f51b8cc13d59d@%3Ccommits.tomee.apache.org%3E
9
reference_url https://security.netapp.com/advisory/ntap-20191024-0006
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20191024-0006
10
reference_url https://security.netapp.com/advisory/ntap-20191024-0006/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20191024-0006/
11
reference_url https://www.bouncycastle.org/latest_releases.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.bouncycastle.org/latest_releases.html
12
reference_url https://www.bouncycastle.org/releasenotes.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.bouncycastle.org/releasenotes.html
13
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2020.html
14
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2020.html
15
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2021.html
16
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2020.html
17
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-17359
reference_id CVE-2019-17359
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-17359
19
reference_url https://github.com/advisories/GHSA-2mh8-gx2m-mr75
reference_id GHSA-2mh8-gx2m-mr75
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2mh8-gx2m-mr75
fixed_packages
0
url pkg:deb/debian/bouncycastle@0?distro=trixie
purl pkg:deb/debian/bouncycastle@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@0%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2019-17359, GHSA-2mh8-gx2m-mr75
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tnhc-zz9x-6be3
26
url VCID-txmh-5548-ckdg
vulnerability_id VCID-txmh-5548-ckdg
summary 
Timing based private key exposure in Bouncy Castle
Bouncy Castle BC Java before 1.66, BC C# .NET before 1.8.7, BC-FJA before 1.0.2.1, BC before 1.66, BC-FNA before 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of multiple deterministic ECDSA signatures.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15522.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15522.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15522
reference_id
reference_type
scores
0
value 0.00403
scoring_system epss
scoring_elements 0.61267
published_at 2026-06-05T12:55:00Z
1
value 0.00414
scoring_system epss
scoring_elements 0.61955
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15522
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15522
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15522
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://security.netapp.com/advisory/ntap-20210622-0007
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210622-0007
5
reference_url https://www.bouncycastle.org/releasenotes.html
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.bouncycastle.org/releasenotes.html
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1962879
reference_id 1962879
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1962879
7
reference_url https://github.com/bcgit/bc-csharp/wiki/CVE-2020-15522
reference_id CVE-2020-15522
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-csharp/wiki/CVE-2020-15522
8
reference_url https://github.com/bcgit/bc-java/wiki/CVE-2020-15522
reference_id CVE-2020-15522
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/wiki/CVE-2020-15522
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-15522
reference_id CVE-2020-15522
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-15522
10
reference_url https://github.com/advisories/GHSA-6xx3-rg99-gc3p
reference_id GHSA-6xx3-rg99-gc3p
reference_type
scores
url https://github.com/advisories/GHSA-6xx3-rg99-gc3p
11
reference_url https://access.redhat.com/errata/RHSA-2021:1401
reference_id RHSA-2021:1401
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1401
12
reference_url https://access.redhat.com/errata/RHSA-2021:2755
reference_id RHSA-2021:2755
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2755
13
reference_url https://access.redhat.com/errata/RHSA-2021:5134
reference_id RHSA-2021:5134
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5134
14
reference_url https://access.redhat.com/errata/RHSA-2022:1013
reference_id RHSA-2022:1013
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1013
15
reference_url https://access.redhat.com/errata/RHSA-2022:1029
reference_id RHSA-2022:1029
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1029
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.68-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2020-15522, GHSA-6xx3-rg99-gc3p
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-txmh-5548-ckdg
27
url VCID-umbv-yqxu-cubb
vulnerability_id VCID-umbv-yqxu-cubb
summary The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0169.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0169.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-0169
reference_id
reference_type
scores
0
value 0.00943
scoring_system epss
scoring_elements 0.76636
published_at 2026-06-04T12:55:00Z
1
value 0.00943
scoring_system epss
scoring_elements 0.76666
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-0169
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699885
reference_id 699885
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699885
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699888
reference_id 699888
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699888
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699889
reference_id 699889
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699889
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=907589
reference_id 907589
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=907589
7
reference_url https://security.gentoo.org/glsa/201310-10
reference_id GLSA-201310-10
reference_type
scores
url https://security.gentoo.org/glsa/201310-10
8
reference_url https://security.gentoo.org/glsa/201312-03
reference_id GLSA-201312-03
reference_type
scores
url https://security.gentoo.org/glsa/201312-03
9
reference_url https://security.gentoo.org/glsa/201401-30
reference_id GLSA-201401-30
reference_type
scores
url https://security.gentoo.org/glsa/201401-30
10
reference_url https://security.gentoo.org/glsa/201406-32
reference_id GLSA-201406-32
reference_type
scores
url https://security.gentoo.org/glsa/201406-32
11
reference_url https://access.redhat.com/errata/RHSA-2013:0273
reference_id RHSA-2013:0273
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0273
12
reference_url https://access.redhat.com/errata/RHSA-2013:0274
reference_id RHSA-2013:0274
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0274
13
reference_url https://access.redhat.com/errata/RHSA-2013:0275
reference_id RHSA-2013:0275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0275
14
reference_url https://access.redhat.com/errata/RHSA-2013:0531
reference_id RHSA-2013:0531
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0531
15
reference_url https://access.redhat.com/errata/RHSA-2013:0532
reference_id RHSA-2013:0532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0532
16
reference_url https://access.redhat.com/errata/RHSA-2013:0587
reference_id RHSA-2013:0587
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0587
17
reference_url https://access.redhat.com/errata/RHSA-2013:0636
reference_id RHSA-2013:0636
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0636
18
reference_url https://access.redhat.com/errata/RHSA-2013:0782
reference_id RHSA-2013:0782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0782
19
reference_url https://access.redhat.com/errata/RHSA-2013:0783
reference_id RHSA-2013:0783
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0783
20
reference_url https://access.redhat.com/errata/RHSA-2013:0822
reference_id RHSA-2013:0822
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0822
21
reference_url https://access.redhat.com/errata/RHSA-2013:0823
reference_id RHSA-2013:0823
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0823
22
reference_url https://access.redhat.com/errata/RHSA-2013:0833
reference_id RHSA-2013:0833
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0833
23
reference_url https://access.redhat.com/errata/RHSA-2013:0855
reference_id RHSA-2013:0855
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0855
24
reference_url https://access.redhat.com/errata/RHSA-2013:1013
reference_id RHSA-2013:1013
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1013
25
reference_url https://access.redhat.com/errata/RHSA-2013:1455
reference_id RHSA-2013:1455
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1455
26
reference_url https://access.redhat.com/errata/RHSA-2013:1456
reference_id RHSA-2013:1456
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1456
27
reference_url https://access.redhat.com/errata/RHSA-2014:0416
reference_id RHSA-2014:0416
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0416
28
reference_url https://access.redhat.com/errata/RHSA-2020:4298
reference_id RHSA-2020:4298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4298
29
reference_url https://usn.ubuntu.com/1732-1/
reference_id USN-1732-1
reference_type
scores
url https://usn.ubuntu.com/1732-1/
30
reference_url https://usn.ubuntu.com/1732-3/
reference_id USN-1732-3
reference_type
scores
url https://usn.ubuntu.com/1732-3/
31
reference_url https://usn.ubuntu.com/1735-1/
reference_id USN-1735-1
reference_type
scores
url https://usn.ubuntu.com/1735-1/
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.48%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.48%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.48%252Bdfsg-2%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2013-0169
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-umbv-yqxu-cubb
28
url VCID-ut6k-7z6d-zqh1
vulnerability_id VCID-ut6k-7z6d-zqh1
summary 
In Bouncy Castle JCE Provider the DSA key pair generator generates a weak private key if used with default values
In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a weak private key if used with default values. If the JCA key pair generator is not explicitly initialised with DSA parameters, 1.55 and earlier generates a private value assuming a 1024 bit key size. In earlier releases this can be dealt with by explicitly passing parameters to the key pair generator.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2669
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2669
1
reference_url https://access.redhat.com/errata/RHSA-2018:2927
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2927
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000343.json
reference_id
reference_type
scores
0
value 2.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000343.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1000343
reference_id
reference_type
scores
0
value 0.01074
scoring_system epss
scoring_elements 0.78112
published_at 2026-06-04T12:55:00Z
1
value 0.01074
scoring_system epss
scoring_elements 0.78138
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1000343
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000343
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000343
5
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
6
reference_url https://github.com/bcgit/bc-java/commit/50a53068c094d6cff37659da33c9b4505becd389
reference_id
reference_type
scores
url https://github.com/bcgit/bc-java/commit/50a53068c094d6cff37659da33c9b4505becd389
7
reference_url https://github.com/bcgit/bc-java/commit/50a53068c094d6cff37659da33c9b4505becd389#diff-5578e61500abb2b87b300d3114bdfd7d
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/50a53068c094d6cff37659da33c9b4505becd389#diff-5578e61500abb2b87b300d3114bdfd7d
8
reference_url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
9
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html
10
reference_url https://security.netapp.com/advisory/ntap-20181127-0004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20181127-0004
11
reference_url https://usn.ubuntu.com/3727-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3727-1
12
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1588721
reference_id 1588721
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1588721
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1000343
reference_id CVE-2016-1000343
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-1000343
15
reference_url https://github.com/advisories/GHSA-rrvx-pwf8-p59p
reference_id GHSA-rrvx-pwf8-p59p
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-rrvx-pwf8-p59p
16
reference_url https://usn.ubuntu.com/3727-1/
reference_id USN-3727-1
reference_type
scores
url https://usn.ubuntu.com/3727-1/
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.56-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.56-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2016-1000343, GHSA-rrvx-pwf8-p59p
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ut6k-7z6d-zqh1
29
url VCID-v4g4-vznr-zuhp
vulnerability_id VCID-v4g4-vznr-zuhp
summary Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserialization that can result in Deserializing an XMSS/XMSS^MT private key can result in the execution of unexpected code. This attack appear to be exploitable via A handcrafted private key can include references to unexpected classes which will be picked up from the class path for the executing application. This vulnerability appears to have been fixed in 1.60 and later.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00011.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00011.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000613.json
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000613.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000613
reference_id
reference_type
scores
0
value 0.05036
scoring_system epss
scoring_elements 0.89937
published_at 2026-06-05T12:55:00Z
1
value 0.05036
scoring_system epss
scoring_elements 0.89921
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000613
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000613
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000613
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
6
reference_url https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223
reference_id
reference_type
scores
url https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223
7
reference_url https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223#diff-2c06e2edef41db889ee14899e12bd574
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223#diff-2c06e2edef41db889ee14899e12bd574
8
reference_url https://github.com/bcgit/bc-java/commit/cc9f91c41be67e88fca4e38f4872418448950fd9
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/cc9f91c41be67e88fca4e38f4872418448950fd9
9
reference_url https://github.com/bcgit/bc-java/commit/cd98322b171b15b3f88c5ec871175147893c31e6
reference_id
reference_type
scores
url https://github.com/bcgit/bc-java/commit/cd98322b171b15b3f88c5ec871175147893c31e6
10
reference_url https://github.com/bcgit/bc-java/commit/cd98322b171b15b3f88c5ec871175147893c31e6#diff-148a6c098af0199192d6aede960f45dc
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url https://github.com/bcgit/bc-java/commit/cd98322b171b15b3f88c5ec871175147893c31e6#diff-148a6c098af0199192d6aede960f45dc
11
reference_url https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
13
reference_url https://security.netapp.com/advisory/ntap-20190204-0003
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190204-0003
14
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
15
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url https://www.oracle.com/security-alerts/cpuApr2021.html
16
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url https://www.oracle.com/security-alerts/cpuoct2020.html
17
reference_url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
18
reference_url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
19
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1601096
reference_id 1601096
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1601096
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1000613
reference_id CVE-2018-1000613
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1000613
22
reference_url https://github.com/advisories/GHSA-4446-656p-f54g
reference_id GHSA-4446-656p-f54g
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-4446-656p-f54g
23
reference_url https://security.netapp.com/advisory/ntap-20190204-0003/
reference_id ntap-20190204-0003
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url https://security.netapp.com/advisory/ntap-20190204-0003/
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.60-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.60-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.60-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2018-1000613, GHSA-4446-656p-f54g
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v4g4-vznr-zuhp
30
url VCID-we5n-w376-tkda
vulnerability_id VCID-we5n-w376-tkda
summary 
Uncontrolled Resource Consumption
Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33202.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33202.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-33202
reference_id
reference_type
scores
0
value 0.00159
scoring_system epss
scoring_elements 0.36621
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-33202
2
reference_url https://bouncycastle.org
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T17:51:39Z/
url https://bouncycastle.org
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33202
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33202
4
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
5
reference_url https://github.com/bcgit/bc-java/commit/0c576892862ed41894f49a8f639112e8d66d229c
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/0c576892862ed41894f49a8f639112e8d66d229c
6
reference_url https://security.netapp.com/advisory/ntap-20240125-0001
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240125-0001
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056754
reference_id 1056754
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056754
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2251281
reference_id 2251281
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2251281
9
reference_url https://github.com/bcgit/bc-java/wiki/CVE-2023-33202
reference_id CVE-2023-33202
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T17:51:39Z/
url https://github.com/bcgit/bc-java/wiki/CVE-2023-33202
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-33202
reference_id CVE-2023-33202
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-33202
11
reference_url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902023%E2%80%9033202
reference_id CVE%E2%80%902023%E2%80%9033202
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T17:51:39Z/
url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902023%E2%80%9033202
12
reference_url https://github.com/advisories/GHSA-wjxj-5m7g-mg7q
reference_id GHSA-wjxj-5m7g-mg7q
reference_type
scores
url https://github.com/advisories/GHSA-wjxj-5m7g-mg7q
13
reference_url https://security.netapp.com/advisory/ntap-20240125-0001/
reference_id ntap-20240125-0001
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T17:51:39Z/
url https://security.netapp.com/advisory/ntap-20240125-0001/
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.77-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.77-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.77-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2023-33202, GHSA-wjxj-5m7g-mg7q
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-we5n-w376-tkda
31
url VCID-z6hn-789k-dbgj
vulnerability_id VCID-z6hn-789k-dbgj
summary The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes."
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6721.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6721.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-6721
reference_id
reference_type
scores
0
value 0.00856
scoring_system epss
scoring_elements 0.75334
published_at 2026-06-04T12:55:00Z
1
value 0.00856
scoring_system epss
scoring_elements 0.75363
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-6721
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6721
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6721
3
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-6721
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2007-6721
5
reference_url https://web.archive.org/web/20071022023551/http://www.bouncycastle.org/csharp
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20071022023551/http://www.bouncycastle.org/csharp
6
reference_url https://web.archive.org/web/20071022023551/http://www.bouncycastle.org/csharp/
reference_id
reference_type
scores
url https://web.archive.org/web/20071022023551/http://www.bouncycastle.org/csharp/
7
reference_url https://web.archive.org/web/20080316202318/http://www.bouncycastle.org:80/releasenotes.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20080316202318/http://www.bouncycastle.org:80/releasenotes.html
8
reference_url http://www.bouncycastle.org/devmailarchive/msg08195.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.bouncycastle.org/devmailarchive/msg08195.html
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=494053
reference_id 494053
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=494053
10
reference_url https://github.com/advisories/GHSA-m26p-m559-g5j5
reference_id GHSA-m26p-m559-g5j5
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m26p-m559-g5j5
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.38-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.38-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.38-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2007-6721, GHSA-m26p-m559-g5j5
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z6hn-789k-dbgj
32
url VCID-zkjk-uddk-9qem
vulnerability_id VCID-zkjk-uddk-9qem
summary 
In Bouncy Castle JCE Provider ECDSA does not fully validate ASN.1 encoding of signature on verification
In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2669
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2669
1
reference_url https://access.redhat.com/errata/RHSA-2018:2927
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2927
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000342.json
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000342.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1000342
reference_id
reference_type
scores
0
value 0.00471
scoring_system epss
scoring_elements 0.64994
published_at 2026-06-05T12:55:00Z
1
value 0.00471
scoring_system epss
scoring_elements 0.64951
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1000342
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000342
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000342
5
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
6
reference_url https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647
reference_id
reference_type
scores
url https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647
7
reference_url https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647#diff-25c3c78db788365f36839b3f2d3016b9
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647#diff-25c3c78db788365f36839b3f2d3016b9
8
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html
9
reference_url https://security.netapp.com/advisory/ntap-20181127-0004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20181127-0004
10
reference_url https://usn.ubuntu.com/3727-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3727-1
11
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1588715
reference_id 1588715
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1588715
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1000342
reference_id CVE-2016-1000342
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-1000342
14
reference_url https://github.com/advisories/GHSA-qcj7-g2j5-g7r3
reference_id GHSA-qcj7-g2j5-g7r3
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qcj7-g2j5-g7r3
15
reference_url https://usn.ubuntu.com/3727-1/
reference_id USN-3727-1
reference_type
scores
url https://usn.ubuntu.com/3727-1/
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.56-1?distro=trixie
purl pkg:deb/debian/bouncycastle@1.56-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%3Fdistro=trixie
1
url pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.68-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-s4tz-g6jv-7ub4
7
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie
2
url pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
purl pkg:deb/debian/bouncycastle@1.72-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7jw5-6bfa-u7a4
1
vulnerability VCID-98ws-cchw-a3fe
2
vulnerability VCID-c558-uvxv-8fdf
3
vulnerability VCID-cqfw-r4um-hyd6
4
vulnerability VCID-f47r-4t52-3bgq
5
vulnerability VCID-fdgv-77kb-ybat
6
vulnerability VCID-jt6u-jzrn-pkdt
7
vulnerability VCID-s4tz-g6jv-7ub4
8
vulnerability VCID-we5n-w376-tkda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie
3
url pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
purl pkg:deb/debian/bouncycastle@1.80-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jt6u-jzrn-pkdt
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie
aliases CVE-2016-1000342, GHSA-qcj7-g2j5-g7r3
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zkjk-uddk-9qem
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie