org.bouncycastle:bcprov-debug-jdk15on@1.67 vulnerabilities
-
latest version
1.70
-
latest non vulnerable version
-
first published
9 years ago
-
latest version published
2 years ago
-
licenses detected
- [1.52,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.bouncycastle:bcprov-debug-jdk15on package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.bouncycastle:bcprov-debug-jdk15on is a Java implementation of cryptographic algorithms. Affected versions of this package are vulnerable to Cryptographic Issues via weak key-hash message authentication code (HMAC) that is only 16 bits long which can result in hash collisions, as a result of an error within the BKS version 1 keystore (BKS-V1) files and could lead to an attacker being able to affect the integrity of these files. This vulnerability was introduced following an incomplete fix for CVE-2018-5382. How to fix Cryptographic Issues? Upgrade |
[1.52,1.69)
|