Download
| Alert*
oval:org.secpod.oval:def:110042
bouncycastle is installed oval:org.secpod.oval:def:110041 The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. The package is organized so that it contains a light-weight API suitable for use in any environment with the additional infrastructure to conform the algorithms to the JCE framework. oval:org.secpod.oval:def:112326 The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. The package is organized so that it contains a light-weight API suitable for use in any environment with the additional infrastructure to conform the algorithms to the JCE framework. oval:org.secpod.oval:def:89049111 This update for bouncycastle fixes the following issues: * CVE-2023-33201: Fixed an issue with the X509LDAPCertStoreSpi where a specially crafted certificate subject could be used to try and extract extra information out of an LDAP server . oval:org.secpod.oval:def:114664 The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8. oval:org.secpod.oval:def:114661 The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8. oval:org.secpod.oval:def:115989 The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8. oval:org.secpod.oval:def:19500326 A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain unau ... oval:org.secpod.oval:def:115030 The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8. oval:org.secpod.oval:def:19500555 Bouncy Castle for Java before 1.73 contains a potential Denial of Service issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN. ... oval:org.secpod.oval:def:89051444 This update for bouncycastle, jsch fixes the following issues: * Updated jsch to version 0.2.15: * CVE-2023-48795: Fixed a prefix truncation issue that could lead to disclosure of sensitive information . * Updated bouncycastle to version 1.77. |