exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2016-1000342

больше 7 лет назад

In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.

CVSS3: 7.5

EPSS: Низкий

CVE-2016-1000342

больше 7 лет назад

In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.

CVSS3: 5.1

EPSS: Низкий

CVE-2016-1000342

больше 7 лет назад

In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.

CVSS3: 7.5

EPSS: Низкий

CVE-2016-1000342

больше 7 лет назад

In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does ...

CVSS3: 7.5

EPSS: Низкий

GHSA-qcj7-g2j5-g7r3

больше 7 лет назад

In Bouncy Castle JCE Provider ECDSA does not fully validate ASN.1 encoding of signature on verification

CVSS3: 7.5

EPSS: Низкий

openSUSE-SU-2018:1689-1

больше 7 лет назад

Security update for bouncycastle

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2016-1000342 In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.	CVSS3: 7.5	0% Низкий	больше 7 лет назад
CVE-2016-1000342 In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.	CVSS3: 5.1	0% Низкий	больше 7 лет назад
CVE-2016-1000342 In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.	CVSS3: 7.5	0% Низкий	больше 7 лет назад
CVE-2016-1000342 In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does ...	CVSS3: 7.5	0% Низкий	больше 7 лет назад
GHSA-qcj7-g2j5-g7r3 In Bouncy Castle JCE Provider ECDSA does not fully validate ASN.1 encoding of signature on verification	CVSS3: 7.5	0% Низкий	больше 7 лет назад
openSUSE-SU-2018:1689-1 Security update for bouncycastle			больше 7 лет назад

Уязвимостей на страницу