Insecure Encryption Affecting org.bouncycastle:bcprov-jdk15on Open this link in a new tab package, versions [,1.56)
Do your applications use this vulnerable package?
13 Jun 2018
27 Aug 2016
org.bouncycastle:bcprov-jdk15on is a Java implementation of cryptographic algorithms.
Affected versions of this package are vulnerable to Insecure Encryption. The
ECIES implementation allowed the use of
ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider.
org.bouncycastle:bcprov-jdk15on to version 1.56 or higher.