Filtered by vendor Bouncycastle
Subscriptions
Filtered by product Bouncy Castle Crypto Package
Subscriptions
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2015-7940 | 4 Bouncycastle, Opensuse, Oracle and 1 more | 9 Bouncy Castle Crypto Package, Leap, Opensuse and 6 more | 2024-11-21 | N/A |
The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack." |
Page 1 of 1.