Bouncycastle Bc-java
3 CVEs affecting Bouncycastle Bc-java. Latest disclosed: 2017-12-13. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-13098 | High | 7.5 | 2017-12-13 | BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions, provides a weak Bleichenbach… |
CVE-2016-2427 | Medium | 5.5 | 2016-04-18 | The AES-GCM specification in RFC 5084, as used in Android 5.x and 6.x, recommends 12 octets for the aes-ICVlen parameter field, which might make it easier for… |
CVE-2013-1624 | | 2013-02-08 | The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a nonc… |