Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Legion\-Of\-The\-Bouncy\-Castle
(Bouncycastle)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 1 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-11-02 | CVE-2020-26939 | In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.crypto.encodings.OAEPEncoding. Sending invalid ciphertext that decrypts to a short payload in the OAEP Decoder could result in the throwing of an early exception, potentially leaking some information about the private exponent of the RSA private key performing... | Legion\-Of\-The\-Bouncy\-Castle, Legion\-Of\-The\-Bouncy\-Castle\-Fips\-Java\-Api | 5.3 |