Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.bouncycastle/bctls-fips@1.0.19
purl pkg:maven/org.bouncycastle/bctls-fips@1.0.19
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-2j9r-6zbp-m3bz Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack") An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing. CVE-2024-30171
GHSA-v435-xc8x-wvr9
VCID-e4j2-7rmt-17bf Bouncy Castle Java Cryptography API vulnerable to DNS poisoning An issue was discovered in the Bouncy Castle Crypto Package For Java before BC TLS Java 1.0.19 (ships with BC Java 1.78, BC Java (LTS) 2.73.6) and before BC FIPS TLS Java 1.0.19. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname (as happens with HttpsURLConnection), hostname verification could be performed against a DNS-resolved IP address in some situations, opening up a possibility of DNS poisoning. CVE-2024-34447
GHSA-4h8f-2wvx-gg5w

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-19T00:06:21.676210+00:00 GHSA Importer Fixing VCID-e4j2-7rmt-17bf https://github.com/advisories/GHSA-4h8f-2wvx-gg5w 38.4.0
2026-04-18T04:27:28.673036+00:00 GithubOSV Importer Fixing VCID-e4j2-7rmt-17bf https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-4h8f-2wvx-gg5w/GHSA-4h8f-2wvx-gg5w.json 38.4.0
2026-04-16T22:58:14.158706+00:00 GitLab Importer Fixing VCID-2j9r-6zbp-m3bz https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bctls-fips/CVE-2024-30171.yml 38.4.0
2026-04-16T22:57:08.929466+00:00 GitLab Importer Fixing VCID-e4j2-7rmt-17bf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bctls-fips/CVE-2024-34447.yml 38.4.0
2026-04-12T00:16:20.223770+00:00 GitLab Importer Fixing VCID-2j9r-6zbp-m3bz https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bctls-fips/CVE-2024-30171.yml 38.3.0
2026-04-12T00:15:21.520546+00:00 GitLab Importer Fixing VCID-e4j2-7rmt-17bf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bctls-fips/CVE-2024-34447.yml 38.3.0
2026-04-03T00:23:20.885193+00:00 GitLab Importer Fixing VCID-2j9r-6zbp-m3bz https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bctls-fips/CVE-2024-30171.yml 38.1.0
2026-04-03T00:22:13.240587+00:00 GitLab Importer Fixing VCID-e4j2-7rmt-17bf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bctls-fips/CVE-2024-34447.yml 38.1.0
2026-04-02T12:39:11.232123+00:00 GitLab Importer Fixing VCID-2j9r-6zbp-m3bz https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bctls-fips/CVE-2024-30171.yml 38.0.0
2026-04-02T12:39:06.896307+00:00 GitLab Importer Fixing VCID-e4j2-7rmt-17bf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bctls-fips/CVE-2024-34447.yml 38.0.0
2026-04-01T16:05:15.819900+00:00 GHSA Importer Fixing VCID-2j9r-6zbp-m3bz https://github.com/advisories/GHSA-v435-xc8x-wvr9 38.0.0
2026-04-01T16:05:12.598761+00:00 GHSA Importer Fixing VCID-e4j2-7rmt-17bf https://github.com/advisories/GHSA-4h8f-2wvx-gg5w 38.0.0
2026-04-01T12:52:07.680657+00:00 GithubOSV Importer Fixing VCID-e4j2-7rmt-17bf https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-4h8f-2wvx-gg5w/GHSA-4h8f-2wvx-gg5w.json 38.0.0
2026-04-01T12:52:02.857668+00:00 GithubOSV Importer Fixing VCID-2j9r-6zbp-m3bz https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-v435-xc8x-wvr9/GHSA-v435-xc8x-wvr9.json 38.0.0