Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 beta 4 and later, BC-FJA 1.0.2 and later.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
| Vendor | Product | Versions | Fixed In |
|---|---|---|---|
| bouncycastle | bc-java | 1.54 - 1.59 | - |
| bouncycastle | fips_java_api | 1.0.1 | - |
| debian | debian_linux |
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
29
Affected Products
42
References
bouncycastle / bc-java
| - |
| - |
| oracle | api_gateway | - | - |
| oracle | business_process_management_suite | - | - |
| oracle | business_process_management_suite | - | - |
| oracle | business_process_management_suite | - | - |
| oracle | business_transaction_management | - | - |
| oracle | communications_application_session_controller | - | - |
| oracle | communications_application_session_controller | - | - |
| oracle | communications_converged_application_server | 7.0.0.1 | - |
| oracle | communications_webrtc_session_controller | 7.2 | - |
| oracle | enterprise_repository | - | - |
| oracle | managed_file_transfer | - | - |
| oracle | managed_file_transfer | - | - |
| oracle | peoplesoft_enterprise_peopletools | - | - |
| oracle | peoplesoft_enterprise_peopletools | - | - |
| oracle | peoplesoft_enterprise_peopletools | - | - |
| oracle | retail_convenience_and_fuel_pos_software | - | - |
| oracle | retail_xstore_point_of_service | - | - |
| oracle | retail_xstore_point_of_service | - | - |
| oracle | soa_suite | - | - |
| oracle | soa_suite | - | - |
| oracle | webcenter_portal | - | - |
| oracle | webcenter_portal | - | - |
| oracle | weblogic_server | - | - |
| netapp | oncommand_workflow_automation | - | - |
| redhat | virtualization | - | - |
| redhat | jboss_enterprise_application_platform | - | - |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability
Impact