CVE-2016-1000352

Опубликовано: 04 июн. 2018

Источник: nvd

CVSS3: 7.4

CVSS2: 5.8

EPSS Низкий

Описание

In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:bouncycastle:bc-java:*:*:*:*:*:*:*:*

Версия до 1.55 (включая)

EPSS

Процентиль: 59%

0.00386

Низкий

7.4 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-310

Связанные уязвимости

CVE-2016-1000352

CVSS3: 7.4

ubuntu

больше 7 лет назад

In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider.

CVE-2016-1000352

CVSS3: 4.8

redhat

почти 10 лет назад

In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider.

CVE-2016-1000352

CVSS3: 7.4

debian

больше 7 лет назад

In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES i ...

GHSA-w285-wf9q-5w69

CVSS3: 7.4

github

больше 7 лет назад

In Bouncy Castle JCE Provider the ECIES implementation allowed the use of ECB mode

openSUSE-SU-2018:1689-1

suse-cvrf

больше 7 лет назад

Security update for bouncycastle

EPSS

Процентиль: 59%

0.00386

Низкий

7.4 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-310