VulnerableCode Package Details - pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.48

Search for packages

Vulnerability	Summary	Fixed by
VCID-2u2e-ux7t-aaar Aliases: CVE-2020-15522 GHSA-6xx3-rg99-gc3p	Timing based private key exposure in Bouncy Castle	1.66 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-tt54-7vmn-aaaj Aliases: CVE-2023-33202 GHSA-wjxj-5m7g-mg7q	Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.)	1.73 Affected by 0 other vulnerabilities.
VCID-x6rq-m1e2-aaab Aliases: CVE-2020-26939 GHSA-72m5-fvvv-55m6	Observable Differences in Behavior to Error Inputs in Bouncy Castle	1.61 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-2u2e-ux7t-aaar
Aliases:
CVE-2020-15522
GHSA-6xx3-rg99-gc3p

Timing based private key exposure in Bouncy Castle

1.66
Affected by 3 other vulnerabilities.

VCID-tt54-7vmn-aaaj
Aliases:
CVE-2023-33202
GHSA-wjxj-5m7g-mg7q

Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.)

1.73
Affected by 0 other vulnerabilities.

VCID-x6rq-m1e2-aaab
Aliases:
CVE-2020-26939
GHSA-72m5-fvvv-55m6

Observable Differences in Behavior to Error Inputs in Bouncy Castle

1.61
Affected by 3 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-20T16:48:26.947437+00:00	GitLab Importer	Affected by	VCID-tt54-7vmn-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-ext-jdk15on/CVE-2023-33202.yml	36.1.3
2025-06-20T15:12:49.273517+00:00	GitLab Importer	Affected by	VCID-2u2e-ux7t-aaar	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-ext-jdk15on/CVE-2020-15522.yml	36.1.3
2025-06-20T15:12:48.979351+00:00	GitLab Importer	Affected by	VCID-2u2e-ux7t-aaar	None	36.1.3
2025-06-03T23:26:03.360069+00:00	GitLab Importer	Affected by	VCID-tt54-7vmn-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-ext-jdk15on/CVE-2023-33202.yml	36.1.0
2025-06-03T21:55:16.792007+00:00	GitLab Importer	Affected by	VCID-2u2e-ux7t-aaar	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-ext-jdk15on/CVE-2020-15522.yml	36.1.0
2025-06-03T21:55:16.510459+00:00	GitLab Importer	Affected by	VCID-2u2e-ux7t-aaar	None	36.1.0
2025-06-02T23:23:38.344317+00:00	GitLab Importer	Affected by	VCID-tt54-7vmn-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-ext-jdk15on/CVE-2023-33202.yml	36.1.2
2025-06-02T21:40:34.957328+00:00	GitLab Importer	Affected by	VCID-2u2e-ux7t-aaar	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-ext-jdk15on/CVE-2020-15522.yml	36.1.2
2025-06-02T21:40:34.651679+00:00	GitLab Importer	Affected by	VCID-2u2e-ux7t-aaar	None	36.1.2
2025-04-03T21:46:08.690729+00:00	GitLab Importer	Affected by	VCID-tt54-7vmn-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-ext-jdk15on/CVE-2023-33202.yml	36.0.0
2025-04-03T18:43:00.329946+00:00	GitLab Importer	Affected by	VCID-2u2e-ux7t-aaar	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-ext-jdk15on/CVE-2020-15522.yml	36.0.0
2025-04-03T18:42:59.723105+00:00	GitLab Importer	Affected by	VCID-2u2e-ux7t-aaar	None	36.0.0
2025-02-18T05:20:11.776046+00:00	GitLab Importer	Affected by	VCID-2u2e-ux7t-aaar	None	35.1.0
2025-02-18T05:20:10.547590+00:00	GitLab Importer	Affected by	VCID-2u2e-ux7t-aaar	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-ext-jdk15on/CVE-2020-15522.yml	35.1.0
2025-02-18T03:27:43.838141+00:00	GitLab Importer	Affected by	VCID-tt54-7vmn-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-ext-jdk15on/CVE-2023-33202.yml	35.1.0
2024-11-21T01:55:14.046076+00:00	GitLab Importer	Affected by	VCID-2u2e-ux7t-aaar	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-ext-jdk15on/CVE-2020-15522.yml	35.0.0
2024-11-21T00:46:48.838319+00:00	GitLab Importer	Affected by	VCID-tt54-7vmn-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-ext-jdk15on/CVE-2023-33202.yml	35.0.0
2024-11-19T01:45:20.523191+00:00	GitLab Importer	Affected by	VCID-2u2e-ux7t-aaar	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-ext-jdk15on/CVE-2020-15522.yml	34.3.2
2024-11-19T00:32:38.156446+00:00	GitLab Importer	Affected by	VCID-tt54-7vmn-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-ext-jdk15on/CVE-2023-33202.yml	34.3.2
2024-10-17T04:54:14.985065+00:00	GitLab Importer	Affected by	VCID-tt54-7vmn-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-ext-jdk15on/CVE-2023-33202.yml	34.0.2
2024-10-08T02:11:40.587626+00:00	GitLab Importer	Affected by	VCID-2u2e-ux7t-aaar	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-ext-jdk15on/CVE-2020-15522.yml	34.0.2
2024-10-07T21:27:28.615218+00:00	GHSA Importer	Affected by	VCID-tt54-7vmn-aaaj	https://github.com/advisories/GHSA-wjxj-5m7g-mg7q	34.0.2
2024-10-07T18:39:51.357015+00:00	GHSA Importer	Affected by	VCID-x6rq-m1e2-aaab	https://github.com/advisories/GHSA-72m5-fvvv-55m6	34.0.2
2024-10-07T18:28:02.491168+00:00	GHSA Importer	Affected by	VCID-2u2e-ux7t-aaar	https://github.com/advisories/GHSA-6xx3-rg99-gc3p	34.0.2
2024-09-23T02:10:30.733901+00:00	GitLab Importer	Affected by	VCID-2u2e-ux7t-aaar	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-ext-jdk15on/CVE-2020-15522.yml	34.0.1
2024-09-22T21:59:49.799162+00:00	GHSA Importer	Affected by	VCID-tt54-7vmn-aaaj	https://github.com/advisories/GHSA-wjxj-5m7g-mg7q	34.0.1
2024-09-22T19:34:37.743219+00:00	GHSA Importer	Affected by	VCID-x6rq-m1e2-aaab	https://github.com/advisories/GHSA-72m5-fvvv-55m6	34.0.1
2024-09-22T19:16:07.853649+00:00	GHSA Importer	Affected by	VCID-2u2e-ux7t-aaar	https://github.com/advisories/GHSA-6xx3-rg99-gc3p	34.0.1
2024-04-24T04:40:07.634997+00:00	GitLab Importer	Affected by	VCID-2u2e-ux7t-aaar	None	34.0.0rc4
2024-04-24T04:40:06.661947+00:00	GitLab Importer	Affected by	VCID-2u2e-ux7t-aaar	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-ext-jdk15on/CVE-2020-15522.yml	34.0.0rc4
2024-04-24T00:30:51.115800+00:00	GHSA Importer	Affected by	VCID-tt54-7vmn-aaaj	https://github.com/advisories/GHSA-wjxj-5m7g-mg7q	34.0.0rc4
2024-04-23T20:23:35.913904+00:00	GHSA Importer	Affected by	VCID-x6rq-m1e2-aaab	https://github.com/advisories/GHSA-72m5-fvvv-55m6	34.0.0rc4
2024-04-23T20:12:25.396271+00:00	GHSA Importer	Affected by	VCID-2u2e-ux7t-aaar	https://github.com/advisories/GHSA-6xx3-rg99-gc3p	34.0.0rc4
2024-04-23T20:12:24.751205+00:00	GHSA Importer	Affected by	VCID-2u2e-ux7t-aaar	None	34.0.0rc4
2024-01-10T07:13:31.101438+00:00	GitLab Importer	Affected by	VCID-2u2e-ux7t-aaar	None	34.0.0rc2
2024-01-10T07:13:30.075577+00:00	GitLab Importer	Affected by	VCID-2u2e-ux7t-aaar	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-ext-jdk15on/CVE-2020-15522.yml	34.0.0rc2
2024-01-09T22:02:17.356749+00:00	GHSA Importer	Affected by	VCID-2u2e-ux7t-aaar	https://github.com/advisories/GHSA-6xx3-rg99-gc3p	34.0.0rc2
2024-01-09T22:02:16.576683+00:00	GHSA Importer	Affected by	VCID-2u2e-ux7t-aaar	None	34.0.0rc2
2024-01-03T23:59:08.628522+00:00	GitLab Importer	Affected by	VCID-2u2e-ux7t-aaar	None	34.0.0rc1
2024-01-03T23:59:07.654796+00:00	GitLab Importer	Affected by	VCID-2u2e-ux7t-aaar	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-ext-jdk15on/CVE-2020-15522.yml	34.0.0rc1
2024-01-03T17:47:28.019236+00:00	GHSA Importer	Affected by	VCID-2u2e-ux7t-aaar	https://github.com/advisories/GHSA-6xx3-rg99-gc3p	34.0.0rc1
2024-01-03T16:43:07.463521+00:00	GHSA Importer	Affected by	VCID-2u2e-ux7t-aaar	None	34.0.0rc1

2025-06-20T16:48:26.947437+00:00

GitLab Importer

Affected by

VCID-tt54-7vmn-aaaj

https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-ext-jdk15on/CVE-2023-33202.yml

36.1.3

2025-06-20T15:12:49.273517+00:00

GitLab Importer

Affected by

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	4.5