Product:

Bouncy_castle_crypto_package

(Bouncycastle)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 1
Date Id Summary Products Score Patch Annotated
2015-11-09 CVE-2015-7940 The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack." Bouncy_castle_crypto_package, Leap, Opensuse, Application_testing_suite, Enterprise_manager_ops_center, Peoplesoft_enterprise_peopletools, Virtual_desktop_infrastructure N/A