exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 7

CVE-2015-7940

около 10 лет назад

The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack."

CVSS2: 5

EPSS: Низкий

CVE-2015-7940

больше 10 лет назад

The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack."

CVSS3: 3.7

EPSS: Низкий

CVE-2015-7940

около 10 лет назад

The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack."

CVSS2: 5

EPSS: Низкий

CVE-2015-7940

около 10 лет назад

The Bouncy Castle Java library before 1.51 does not validate a point i ...

CVSS2: 5

EPSS: Низкий

openSUSE-SU-2015:1911-1

больше 10 лет назад

Security update for bouncycastle

EPSS: Низкий

GHSA-4mv7-cq75-3qjm

больше 7 лет назад

Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15

EPSS: Низкий

BDU:2015-12115

больше 10 лет назад

Уязвимость средства криптографической защиты Bouncy Castle и операционной системы openSUSE, позволяющая нарушителю получить доступ к закрытому ключу

CVSS2: 5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2015-7940 The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack."	CVSS2: 5	1% Низкий	около 10 лет назад
CVE-2015-7940 The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack."	CVSS3: 3.7	1% Низкий	больше 10 лет назад
CVE-2015-7940 The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack."	CVSS2: 5	1% Низкий	около 10 лет назад
CVE-2015-7940 The Bouncy Castle Java library before 1.51 does not validate a point i ...	CVSS2: 5	1% Низкий	около 10 лет назад
openSUSE-SU-2015:1911-1 Security update for bouncycastle		1% Низкий	больше 10 лет назад
GHSA-4mv7-cq75-3qjm Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15		1% Низкий	больше 7 лет назад
BDU:2015-12115 Уязвимость средства криптографической защиты Bouncy Castle и операционной системы openSUSE, позволяющая нарушителю получить доступ к закрытому ключу	CVSS2: 5	1% Низкий	больше 10 лет назад

Уязвимостей на страницу