Описание
Out-of-bounds Write vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bc-fips on All (API modules). This vulnerability is associated with program files org/bouncycastle/jcajce/provider/BaseCipher.
This issue affects Bouncy Castle for Java: from BC-FJA 2.1.0 through 2.1.0.
A flaw was found in Bouncy Castle for Java bc-fips. This out-of-bounds write vulnerability, located in the org/bouncycastle/jcajce/provider/BaseCipher program files, could allow a local attacker to cause information disclosure, data modification, or a denial of service without requiring any privileges or user interaction.
Отчет
This vulnerability is rated Moderate. However, Red Hat products are not affected by this vulnerability as the vulnerable code is not present in the shipped components.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat JBoss Enterprise Application Platform 8 | bc-fips | Not affected | ||
| Red Hat JBoss Enterprise Application Platform Expansion Pack | bc-fips | Not affected |
Показывать по
Дополнительная информация
Статус:
5.9 Medium
CVSS3
Связанные уязвимости
Out-of-bounds Write vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bc-fips on All (API modules). This vulnerability is associated with program files org/bouncycastle/jcajce/provider/BaseCipher. This issue affects Bouncy Castle for Java: from BC-FJA 2.1.0 through 2.1.0.
Bouncy Castle for Java has Out-of-Bounds Write Vulnerability
5.9 Medium
CVSS3