Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/bouncycastle@1.60-1
Typedeb
Namespacedebian
Namebouncycastle
Version1.60-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.80-3
Latest_non_vulnerable_version1.80-3
Affected_by_vulnerabilities
0
url VCID-2u8v-56gn-8uc2
vulnerability_id VCID-2u8v-56gn-8uc2
summary 
Timing based private key exposure in Bouncy Castle
Bouncy Castle BC Java before 1.66, BC C# .NET before 1.8.7, BC-FJA before 1.0.2.1, BC before 1.66, BC-FNA before 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of multiple deterministic ECDSA signatures.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15522.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15522.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15522
reference_id
reference_type
scores
0
value 0.0057
scoring_system epss
scoring_elements 0.68612
published_at 2026-04-13T12:55:00Z
1
value 0.0057
scoring_system epss
scoring_elements 0.68546
published_at 2026-04-01T12:55:00Z
2
value 0.0057
scoring_system epss
scoring_elements 0.68565
published_at 2026-04-02T12:55:00Z
3
value 0.0057
scoring_system epss
scoring_elements 0.68583
published_at 2026-04-04T12:55:00Z
4
value 0.0057
scoring_system epss
scoring_elements 0.6856
published_at 2026-04-07T12:55:00Z
5
value 0.0057
scoring_system epss
scoring_elements 0.68611
published_at 2026-04-08T12:55:00Z
6
value 0.0057
scoring_system epss
scoring_elements 0.68629
published_at 2026-04-09T12:55:00Z
7
value 0.0057
scoring_system epss
scoring_elements 0.68654
published_at 2026-04-11T12:55:00Z
8
value 0.0057
scoring_system epss
scoring_elements 0.68641
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15522
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15522
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15522
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://security.netapp.com/advisory/ntap-20210622-0007
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210622-0007
5
reference_url https://www.bouncycastle.org/releasenotes.html
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.bouncycastle.org/releasenotes.html
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1962879
reference_id 1962879
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1962879
7
reference_url https://github.com/bcgit/bc-csharp/wiki/CVE-2020-15522
reference_id CVE-2020-15522
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-csharp/wiki/CVE-2020-15522
8
reference_url https://github.com/bcgit/bc-java/wiki/CVE-2020-15522
reference_id CVE-2020-15522
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/wiki/CVE-2020-15522
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-15522
reference_id CVE-2020-15522
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-15522
10
reference_url https://github.com/advisories/GHSA-6xx3-rg99-gc3p
reference_id GHSA-6xx3-rg99-gc3p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6xx3-rg99-gc3p
11
reference_url https://access.redhat.com/errata/RHSA-2021:1401
reference_id RHSA-2021:1401
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1401
12
reference_url https://access.redhat.com/errata/RHSA-2021:2755
reference_id RHSA-2021:2755
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2755
13
reference_url https://access.redhat.com/errata/RHSA-2021:5134
reference_id RHSA-2021:5134
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5134
14
reference_url https://access.redhat.com/errata/RHSA-2022:1013
reference_id RHSA-2022:1013
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1013
15
reference_url https://access.redhat.com/errata/RHSA-2022:1029
reference_id RHSA-2022:1029
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1029
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.68-2
purl pkg:deb/debian/bouncycastle@1.68-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2j9r-6zbp-m3bz
1
vulnerability VCID-4rs8-tp92-p7ck
2
vulnerability VCID-abxq-7eq3-g7dp
3
vulnerability VCID-d5x5-hcjh-efcr
4
vulnerability VCID-e4j2-7rmt-17bf
5
vulnerability VCID-rary-mqyu-2yes
6
vulnerability VCID-sz15-payv-uyab
7
vulnerability VCID-wqgc-hd9r-zuek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2
aliases CVE-2020-15522, GHSA-6xx3-rg99-gc3p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2u8v-56gn-8uc2
1
url VCID-amzx-sbps-xke5
vulnerability_id VCID-amzx-sbps-xke5
summary 
Logic error in Legion of the Bouncy Castle BC Java
An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password, allowing incorrect passwords to indicate they were matching with previously hashed ones that were different.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28052.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28052.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-28052
reference_id
reference_type
scores
0
value 0.04099
scoring_system epss
scoring_elements 0.88595
published_at 2026-04-13T12:55:00Z
1
value 0.04099
scoring_system epss
scoring_elements 0.88603
published_at 2026-04-11T12:55:00Z
2
value 0.04099
scoring_system epss
scoring_elements 0.88591
published_at 2026-04-09T12:55:00Z
3
value 0.04099
scoring_system epss
scoring_elements 0.88586
published_at 2026-04-08T12:55:00Z
4
value 0.04099
scoring_system epss
scoring_elements 0.88568
published_at 2026-04-07T12:55:00Z
5
value 0.04099
scoring_system epss
scoring_elements 0.88565
published_at 2026-04-04T12:55:00Z
6
value 0.04099
scoring_system epss
scoring_elements 0.88547
published_at 2026-04-02T12:55:00Z
7
value 0.04099
scoring_system epss
scoring_elements 0.88539
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-28052
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28052
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28052
3
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
4
reference_url https://github.com/bcgit/bc-java/commit/97578f9b7ed277e6ecb58834e85e3d18385a4219
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/97578f9b7ed277e6ecb58834e85e3d18385a4219
5
reference_url https://github.com/bcgit/bc-java/wiki/CVE-2020-28052
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/wiki/CVE-2020-28052
6
reference_url https://lists.apache.org/thread.html/r167dbc42ef7c59802c2ca1ac14735ef9cf687c25208229993d6206fe@%3Cissues.karaf.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r167dbc42ef7c59802c2ca1ac14735ef9cf687c25208229993d6206fe@%3Cissues.karaf.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r175f5a25d100dbe2b1bd3459b3ce882a84c3ff91b120ed4ff2d57b53@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r175f5a25d100dbe2b1bd3459b3ce882a84c3ff91b120ed4ff2d57b53@%3Ccommits.pulsar.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r25d53acd06f29244b8a103781b0339c5e7efee9099a4d52f0c230e4a@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r25d53acd06f29244b8a103781b0339c5e7efee9099a4d52f0c230e4a@%3Ccommits.druid.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r2ddabd06d94b60cfb0141e4abb23201c628ab925e30742f61a04d013@%3Cissues.karaf.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r2ddabd06d94b60cfb0141e4abb23201c628ab925e30742f61a04d013@%3Cissues.karaf.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r30a139c165b3da6e0d5536434ab1550534011b1fdfcd2f5d95892c5b@%3Cissues.karaf.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r30a139c165b3da6e0d5536434ab1550534011b1fdfcd2f5d95892c5b@%3Cissues.karaf.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r37d332c0bf772f4982d1fdeeb2f88dd71dab6451213e69e43734eadc@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r37d332c0bf772f4982d1fdeeb2f88dd71dab6451213e69e43734eadc@%3Ccommits.pulsar.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r4e1619cfefcd031fac62064a3858f5c9229eef907bd5d8ef14c594fc@%3Cissues.karaf.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r4e1619cfefcd031fac62064a3858f5c9229eef907bd5d8ef14c594fc@%3Cissues.karaf.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r77af3ac7c3bfbd5454546e13faf7aec21d627bdcf36c9ca240436b94@%3Cissues.karaf.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r77af3ac7c3bfbd5454546e13faf7aec21d627bdcf36c9ca240436b94@%3Cissues.karaf.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e@%3Cissues.solr.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e@%3Cissues.solr.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/r954d80fd18e9dafef6e813963eb7e08c228151c2b6268ecd63b35d1f@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r954d80fd18e9dafef6e813963eb7e08c228151c2b6268ecd63b35d1f@%3Ccommits.druid.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rc9e441c1576bdc4375d32526d5cf457226928e9c87b9f54ded26271c@%3Cissues.karaf.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc9e441c1576bdc4375d32526d5cf457226928e9c87b9f54ded26271c@%3Cissues.karaf.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rcd37d9214b08067a2e8f2b5b4fd123a1f8cb6008698d11ef44028c21@%3Cissues.karaf.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rcd37d9214b08067a2e8f2b5b4fd123a1f8cb6008698d11ef44028c21@%3Cissues.karaf.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/rdcbad6d8ce72c79827ed8c635f9a62dd919bb21c94a0b64cab2efc31@%3Cissues.karaf.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rdcbad6d8ce72c79827ed8c635f9a62dd919bb21c94a0b64cab2efc31@%3Cissues.karaf.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/rddd2237b8636a48d573869006ee809262525efb2b6ffa6eff50d2a2d@%3Cjira.kafka.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rddd2237b8636a48d573869006ee809262525efb2b6ffa6eff50d2a2d@%3Cjira.kafka.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/rdfd2901b8b697a3f6e2c9c6ecc688fd90d7f881937affb5144d61d6e@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rdfd2901b8b697a3f6e2c9c6ecc688fd90d7f881937affb5144d61d6e@%3Ccommits.druid.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/rf9abfc0223747a56694825c050cc6b66627a293a32ea926b3de22402@%3Cissues.karaf.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf9abfc0223747a56694825c050cc6b66627a293a32ea926b3de22402@%3Cissues.karaf.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/rfc0db1f3c375087e69a239f9284ded72d04fbb55849eadde58fa9dc2@%3Cissues.karaf.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfc0db1f3c375087e69a239f9284ded72d04fbb55849eadde58fa9dc2@%3Cissues.karaf.apache.org%3E
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-28052
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-28052
24
reference_url https://www.bouncycastle.org/releasenotes.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.bouncycastle.org/releasenotes.html
25
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
26
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
27
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2022.html
28
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com//security-alerts/cpujul2021.html
29
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
30
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
31
reference_url https://www.synopsys.com/blogs/software-security/cve-2020-28052-bouncy-castle
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.synopsys.com/blogs/software-security/cve-2020-28052-bouncy-castle
32
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1912881
reference_id 1912881
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1912881
33
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977683
reference_id 977683
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977683
34
reference_url https://security.archlinux.org/AVG-1372
reference_id AVG-1372
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1372
35
reference_url https://www.synopsys.com/blogs/software-security/cve-2020-28052-bouncy-castle/
reference_id CVE-2020-28052-BOUNCY-CASTLE
reference_type
scores
url https://www.synopsys.com/blogs/software-security/cve-2020-28052-bouncy-castle/
36
reference_url https://github.com/advisories/GHSA-73xv-w5gp-frxh
reference_id GHSA-73xv-w5gp-frxh
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-73xv-w5gp-frxh
37
reference_url https://access.redhat.com/errata/RHSA-2021:0872
reference_id RHSA-2021:0872
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0872
38
reference_url https://access.redhat.com/errata/RHSA-2021:0873
reference_id RHSA-2021:0873
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0873
39
reference_url https://access.redhat.com/errata/RHSA-2021:0874
reference_id RHSA-2021:0874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0874
40
reference_url https://access.redhat.com/errata/RHSA-2021:0885
reference_id RHSA-2021:0885
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0885
41
reference_url https://access.redhat.com/errata/RHSA-2021:0974
reference_id RHSA-2021:0974
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0974
42
reference_url https://access.redhat.com/errata/RHSA-2021:1401
reference_id RHSA-2021:1401
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1401
43
reference_url https://access.redhat.com/errata/RHSA-2021:2210
reference_id RHSA-2021:2210
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2210
44
reference_url https://access.redhat.com/errata/RHSA-2021:2755
reference_id RHSA-2021:2755
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2755
45
reference_url https://access.redhat.com/errata/RHSA-2021:3205
reference_id RHSA-2021:3205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3205
46
reference_url https://access.redhat.com/errata/RHSA-2021:4767
reference_id RHSA-2021:4767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4767
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.68-2
purl pkg:deb/debian/bouncycastle@1.68-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2j9r-6zbp-m3bz
1
vulnerability VCID-4rs8-tp92-p7ck
2
vulnerability VCID-abxq-7eq3-g7dp
3
vulnerability VCID-d5x5-hcjh-efcr
4
vulnerability VCID-e4j2-7rmt-17bf
5
vulnerability VCID-rary-mqyu-2yes
6
vulnerability VCID-sz15-payv-uyab
7
vulnerability VCID-wqgc-hd9r-zuek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2
aliases CVE-2020-28052, GHSA-73xv-w5gp-frxh
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-amzx-sbps-xke5
2
url VCID-nau9-4auz-pqbs
vulnerability_id VCID-nau9-4auz-pqbs
summary 
Observable Differences in Behavior to Error Inputs in Bouncy Castle
In Legion of the Bouncy Castle BC before 1.55 and BC-FJA before 1.0.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.crypto.encodings.OAEPEncoding. Sending invalid ciphertext that decrypts to a short payload in the OAEP Decoder could result in the throwing of an early exception, potentially leaking some information about the private exponent of the RSA private key performing the encryption.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26939
reference_id
reference_type
scores
0
value 0.02437
scoring_system epss
scoring_elements 0.85159
published_at 2026-04-09T12:55:00Z
1
value 0.02437
scoring_system epss
scoring_elements 0.85168
published_at 2026-04-13T12:55:00Z
2
value 0.02437
scoring_system epss
scoring_elements 0.85171
published_at 2026-04-12T12:55:00Z
3
value 0.02437
scoring_system epss
scoring_elements 0.85173
published_at 2026-04-11T12:55:00Z
4
value 0.02437
scoring_system epss
scoring_elements 0.85096
published_at 2026-04-01T12:55:00Z
5
value 0.02437
scoring_system epss
scoring_elements 0.85109
published_at 2026-04-02T12:55:00Z
6
value 0.02437
scoring_system epss
scoring_elements 0.85126
published_at 2026-04-04T12:55:00Z
7
value 0.02437
scoring_system epss
scoring_elements 0.8513
published_at 2026-04-07T12:55:00Z
8
value 0.02437
scoring_system epss
scoring_elements 0.85151
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26939
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26939
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26939
2
reference_url https://github.com/bcgit/bc-java/commit/930f8b274c4f1f3a46e68b5441f1e7fadb57e8c1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/930f8b274c4f1f3a46e68b5441f1e7fadb57e8c1
3
reference_url https://github.com/bcgit/bc-java/wiki/CVE-2020-26939
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/wiki/CVE-2020-26939
4
reference_url https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e@%3Cissues.solr.apache.org%3E
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e@%3Cissues.solr.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e%40%3Cissues.solr.apache.org%3E
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e%40%3Cissues.solr.apache.org%3E
6
reference_url https://lists.debian.org/debian-lts-announce/2020/11/msg00007.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/11/msg00007.html
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-26939
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-26939
8
reference_url https://security.netapp.com/advisory/ntap-20201202-0005
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20201202-0005
9
reference_url https://github.com/advisories/GHSA-72m5-fvvv-55m6
reference_id GHSA-72m5-fvvv-55m6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-72m5-fvvv-55m6
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.68-2
purl pkg:deb/debian/bouncycastle@1.68-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2j9r-6zbp-m3bz
1
vulnerability VCID-4rs8-tp92-p7ck
2
vulnerability VCID-abxq-7eq3-g7dp
3
vulnerability VCID-d5x5-hcjh-efcr
4
vulnerability VCID-e4j2-7rmt-17bf
5
vulnerability VCID-rary-mqyu-2yes
6
vulnerability VCID-sz15-payv-uyab
7
vulnerability VCID-wqgc-hd9r-zuek
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2
aliases CVE-2020-26939, GHSA-72m5-fvvv-55m6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nau9-4auz-pqbs
Fixing_vulnerabilities
0
url VCID-pybm-wf4t-pbdg
vulnerability_id VCID-pybm-wf4t-pbdg
summary Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 beta 4 and later, BC-FJA 1.0.2 and later.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2423
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2423
1
reference_url https://access.redhat.com/errata/RHSA-2018:2424
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2424
2
reference_url https://access.redhat.com/errata/RHSA-2018:2425
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2425
3
reference_url https://access.redhat.com/errata/RHSA-2018:2428
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2428
4
reference_url https://access.redhat.com/errata/RHSA-2018:2643
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2643
5
reference_url https://access.redhat.com/errata/RHSA-2018:2669
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2669
6
reference_url https://access.redhat.com/errata/RHSA-2019:0877
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:0877
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000180.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000180.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000180
reference_id
reference_type
scores
0
value 0.00256
scoring_system epss
scoring_elements 0.48928
published_at 2026-04-01T12:55:00Z
1
value 0.00256
scoring_system epss
scoring_elements 0.48964
published_at 2026-04-02T12:55:00Z
2
value 0.00277
scoring_system epss
scoring_elements 0.51098
published_at 2026-04-13T12:55:00Z
3
value 0.00277
scoring_system epss
scoring_elements 0.51082
published_at 2026-04-04T12:55:00Z
4
value 0.00277
scoring_system epss
scoring_elements 0.51136
published_at 2026-04-11T12:55:00Z
5
value 0.00277
scoring_system epss
scoring_elements 0.51115
published_at 2026-04-12T12:55:00Z
6
value 0.00277
scoring_system epss
scoring_elements 0.51039
published_at 2026-04-07T12:55:00Z
7
value 0.00277
scoring_system epss
scoring_elements 0.51096
published_at 2026-04-08T12:55:00Z
8
value 0.00277
scoring_system epss
scoring_elements 0.51092
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000180
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000180
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000180
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/bcgit/bc-java/commit/22467b6e8fe19717ecdf201c0cf91bacf04a55ad
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/22467b6e8fe19717ecdf201c0cf91bacf04a55ad
12
reference_url https://github.com/bcgit/bc-java/commit/73780ac522b7795fc165630aba8d5f5729acc839
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/73780ac522b7795fc165630aba8d5f5729acc839
13
reference_url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E
15
reference_url https://security.netapp.com/advisory/ntap-20190204-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190204-0003
16
reference_url https://security.netapp.com/advisory/ntap-20190204-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190204-0003/
17
reference_url https://www.bountysource.com/issues/58293083-rsa-key-generation-computation-of-iterations-for-mr-primality-test
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.bountysource.com/issues/58293083-rsa-key-generation-computation-of-iterations-for-mr-primality-test
18
reference_url https://www.debian.org/security/2018/dsa-4233
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4233
19
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2020.html
20
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
21
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
22
reference_url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
23
reference_url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
24
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
25
reference_url http://www.securityfocus.com/bid/106567
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/106567
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1588306
reference_id 1588306
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1588306
27
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900843
reference_id 900843
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900843
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bouncycastle:bc-java:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:bouncycastle:bc-java:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bouncycastle:bc-java:*:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bouncycastle:fips_java_api:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:bouncycastle:fips_java_api:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bouncycastle:fips_java_api:*:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:11.1.1.9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:business_process_management_suite:11.1.1.9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:11.1.1.9.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_transaction_management:12.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:business_transaction_management:12.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_transaction_management:12.1.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_application_session_controller:3.7.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_application_session_controller:3.7.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_application_session_controller:3.7.1:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_application_session_controller:3.8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_application_session_controller:3.8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_application_session_controller:3.8.0:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_converged_application_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_converged_application_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_converged_application_server:*:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_repository:12.1.3.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_repository:12.1.3.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_repository:12.1.3.0.0:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:managed_file_transfer:12.1.3.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:managed_file_transfer:12.1.3.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:managed_file_transfer:12.1.3.0.0:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:managed_file_transfer:12.2.1.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:managed_file_transfer:12.2.1.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:managed_file_transfer:12.2.1.3.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_convenience_and_fuel_pos_software:2.8.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:retail_convenience_and_fuel_pos_software:2.8.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_convenience_and_fuel_pos_software:2.8.1:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:soa_suite:12.1.3.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:soa_suite:12.1.3.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:soa_suite:12.1.3.0.0:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:soa_suite:12.2.1.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:soa_suite:12.2.1.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:soa_suite:12.2.1.3.0:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:11.1.1.9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:webcenter_portal:11.1.1.9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:11.1.1.9.0:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:virtualization:4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:virtualization:4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:virtualization:4.2:*:*:*:*:*:*:*
59
reference_url https://github.com/bcgit/bc-java/wiki/CVE-2018-1000180
reference_id CVE-2018-1000180
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/wiki/CVE-2018-1000180
60
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1000180
reference_id CVE-2018-1000180
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1000180
61
reference_url https://github.com/advisories/GHSA-xqj7-j8j5-f2xr
reference_id GHSA-xqj7-j8j5-f2xr
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-xqj7-j8j5-f2xr
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.56-1%2Bdeb9u2
purl pkg:deb/debian/bouncycastle@1.56-1%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2u8v-56gn-8uc2
1
vulnerability VCID-amzx-sbps-xke5
2
vulnerability VCID-nau9-4auz-pqbs
3
vulnerability VCID-pybm-wf4t-pbdg
4
vulnerability VCID-xpm3-yad2-mke2
5
vulnerability VCID-y7hr-kcfy-5qgd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%252Bdeb9u2
1
url pkg:deb/debian/bouncycastle@1.60-1
purl pkg:deb/debian/bouncycastle@1.60-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2u8v-56gn-8uc2
1
vulnerability VCID-amzx-sbps-xke5
2
vulnerability VCID-nau9-4auz-pqbs
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.60-1
aliases CVE-2018-1000180, GHSA-xqj7-j8j5-f2xr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pybm-wf4t-pbdg
1
url VCID-xpm3-yad2-mke2
vulnerability_id VCID-xpm3-yad2-mke2
summary BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable application. This vulnerability is referred to as "ROBOT."
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00011.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00011.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13098.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13098.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-13098
reference_id
reference_type
scores
0
value 0.66233
scoring_system epss
scoring_elements 0.98524
published_at 2026-04-13T12:55:00Z
1
value 0.66233
scoring_system epss
scoring_elements 0.98512
published_at 2026-04-01T12:55:00Z
2
value 0.66233
scoring_system epss
scoring_elements 0.98514
published_at 2026-04-02T12:55:00Z
3
value 0.66233
scoring_system epss
scoring_elements 0.98516
published_at 2026-04-04T12:55:00Z
4
value 0.66233
scoring_system epss
scoring_elements 0.98517
published_at 2026-04-07T12:55:00Z
5
value 0.66233
scoring_system epss
scoring_elements 0.9852
published_at 2026-04-08T12:55:00Z
6
value 0.66233
scoring_system epss
scoring_elements 0.98522
published_at 2026-04-09T12:55:00Z
7
value 0.66233
scoring_system epss
scoring_elements 0.98523
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-13098
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13098
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13098
4
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
5
reference_url https://github.com/bcgit/bc-java/commit/a00b684465b38d722ca9a3543b8af8568e6bad5c
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/a00b684465b38d722ca9a3543b8af8568e6bad5c
6
reference_url https://robotattack.org
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://robotattack.org
7
reference_url https://robotattack.org/
reference_id
reference_type
scores
url https://robotattack.org/
8
reference_url https://security.netapp.com/advisory/ntap-20171222-0001
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20171222-0001
9
reference_url https://security.netapp.com/advisory/ntap-20171222-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20171222-0001/
10
reference_url https://www.debian.org/security/2017/dsa-4072
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2017/dsa-4072
11
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
12
reference_url http://www.kb.cert.org/vuls/id/144389
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.kb.cert.org/vuls/id/144389
13
reference_url http://www.securityfocus.com/bid/102195
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/102195
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1525528
reference_id 1525528
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1525528
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884241
reference_id 884241
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884241
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bouncycastle:bc-java:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:bouncycastle:bc-java:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bouncycastle:bc-java:*:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-13098
reference_id CVE-2017-13098
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
1
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-13098
18
reference_url https://github.com/advisories/GHSA-wrwf-pmmj-w989
reference_id GHSA-wrwf-pmmj-w989
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wrwf-pmmj-w989
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.56-1%2Bdeb9u2
purl pkg:deb/debian/bouncycastle@1.56-1%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2u8v-56gn-8uc2
1
vulnerability VCID-amzx-sbps-xke5
2
vulnerability VCID-nau9-4auz-pqbs
3
vulnerability VCID-pybm-wf4t-pbdg
4
vulnerability VCID-xpm3-yad2-mke2
5
vulnerability VCID-y7hr-kcfy-5qgd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.56-1%252Bdeb9u2
1
url pkg:deb/debian/bouncycastle@1.60-1
purl pkg:deb/debian/bouncycastle@1.60-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2u8v-56gn-8uc2
1
vulnerability VCID-amzx-sbps-xke5
2
vulnerability VCID-nau9-4auz-pqbs
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.60-1
aliases CVE-2017-13098, GHSA-wrwf-pmmj-w989
risk_score 10.0
exploitability 2.0
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xpm3-yad2-mke2
2
url VCID-y7hr-kcfy-5qgd
vulnerability_id VCID-y7hr-kcfy-5qgd
summary Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserialization that can result in Deserializing an XMSS/XMSS^MT private key can result in the execution of unexpected code. This attack appear to be exploitable via A handcrafted private key can include references to unexpected classes which will be picked up from the class path for the executing application. This vulnerability appears to have been fixed in 1.60 and later.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00011.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00011.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000613.json
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000613.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000613
reference_id
reference_type
scores
0
value 0.05036
scoring_system epss
scoring_elements 0.89759
published_at 2026-04-11T12:55:00Z
1
value 0.05036
scoring_system epss
scoring_elements 0.89746
published_at 2026-04-08T12:55:00Z
2
value 0.05036
scoring_system epss
scoring_elements 0.89728
published_at 2026-04-07T12:55:00Z
3
value 0.05036
scoring_system epss
scoring_elements 0.89726
published_at 2026-04-04T12:55:00Z
4
value 0.05036
scoring_system epss
scoring_elements 0.89708
published_at 2026-04-01T12:55:00Z
5
value 0.05036
scoring_system epss
scoring_elements 0.89753
published_at 2026-04-09T12:55:00Z
6
value 0.05036
scoring_system epss
scoring_elements 0.89711
published_at 2026-04-02T12:55:00Z
7
value 0.05036
scoring_system epss
scoring_elements 0.89751
published_at 2026-04-13T12:55:00Z
8
value 0.05036
scoring_system epss
scoring_elements 0.89758
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000613
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000613
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000613
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
6
reference_url https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223
reference_id
reference_type
scores
url https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223
7
reference_url https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223#diff-2c06e2edef41db889ee14899e12bd574
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223#diff-2c06e2edef41db889ee14899e12bd574
8
reference_url https://github.com/bcgit/bc-java/commit/cc9f91c41be67e88fca4e38f4872418448950fd9
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/cc9f91c41be67e88fca4e38f4872418448950fd9
9
reference_url https://github.com/bcgit/bc-java/commit/cd98322b171b15b3f88c5ec871175147893c31e6
reference_id
reference_type
scores
url https://github.com/bcgit/bc-java/commit/cd98322b171b15b3f88c5ec871175147893c31e6
10
reference_url https://github.com/bcgit/bc-java/commit/cd98322b171b15b3f88c5ec871175147893c31e6#diff-148a6c098af0199192d6aede960f45dc
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url https://github.com/bcgit/bc-java/commit/cd98322b171b15b3f88c5ec871175147893c31e6#diff-148a6c098af0199192d6aede960f45dc
11
reference_url https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
13
reference_url https://security.netapp.com/advisory/ntap-20190204-0003
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190204-0003
14
reference_url https://security.netapp.com/advisory/ntap-20190204-0003/
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url https://security.netapp.com/advisory/ntap-20190204-0003/
15
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
16
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url https://www.oracle.com/security-alerts/cpuApr2021.html
17
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url https://www.oracle.com/security-alerts/cpuoct2020.html
18
reference_url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
19
reference_url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
20
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-29T19:03:21Z/
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1601096
reference_id 1601096
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1601096
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bouncycastle:bc-java:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:bouncycastle:bc-java:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bouncycastle:bc-java:*:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:11.1.1.9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:business_process_management_suite:11.1.1.9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:11.1.1.9.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_transaction_management:12.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:business_transaction_management:12.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_transaction_management:12.1.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_application_session_controller:3.7.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_application_session_controller:3.7.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_application_session_controller:3.7.1:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_application_session_controller:3.8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_application_session_controller:3.8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_application_session_controller:3.8.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_converged_application_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_converged_application_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_converged_application_server:*:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_converged_application_server:7.0.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_converged_application_server:7.0.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_converged_application_server:7.0.0.1:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_convergence:3.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_convergence:3.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_convergence:3.0.2:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.2.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.2.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.2.0.0:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.3.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.3.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.3.0.0:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_repository:11.1.1.7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_repository:11.1.1.7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_repository:11.1.1.7.0:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_repository:12.1.3.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_repository:12.1.3.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_repository:12.1.3.0.0:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:managed_file_transfer:12.1.3.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:managed_file_transfer:12.1.3.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:managed_file_transfer:12.1.3.0.0:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:managed_file_transfer:12.2.1.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:managed_file_transfer:12.2.1.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:managed_file_transfer:12.2.1.3.0:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_convenience_and_fuel_pos_software:2.8.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:retail_convenience_and_fuel_pos_software:2.8.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_convenience_and_fuel_pos_software:2.8.1:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:soa_suite:12.1.3.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:soa_suite:12.1.3.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:soa_suite:12.1.3.0.0:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:soa_suite:12.2.1.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:soa_suite:12.2.1.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:soa_suite:12.2.1.3.0:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:utilities_network_management_system:1.12.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:utilities_network_management_system:1.12.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:utilities_network_management_system:1.12.0.3:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:utilities_network_management_system:2.3.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:utilities_network_management_system:2.3.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:utilities_network_management_system:2.3.0.0:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:utilities_network_management_system:2.3.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:utilities_network_management_system:2.3.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:utilities_network_management_system:2.3.0.1:*:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:utilities_network_management_system:2.3.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:utilities_network_management_system:2.3.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:utilities_network_management_system:2.3.0.2:*:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:11.1.1.9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:webcenter_portal:11.1.1.9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:11.1.1.9.0:*:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:weblogic_server:12.2.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.3:*:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1000613
reference_id CVE-2018-1000613
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1000613
70
reference_url https://github.com/advisories/GHSA-4446-656p-f54g
reference_id GHSA-4446-656p-f54g
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-4446-656p-f54g
fixed_packages
0
url pkg:deb/debian/bouncycastle@1.60-1
purl pkg:deb/debian/bouncycastle@1.60-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2u8v-56gn-8uc2
1
vulnerability VCID-amzx-sbps-xke5
2
vulnerability VCID-nau9-4auz-pqbs
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.60-1
aliases CVE-2018-1000613, GHSA-4446-656p-f54g
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y7hr-kcfy-5qgd
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.60-1