CVE-2016-1000338
HIGH 7.5 | EPSS 0.38% | bouncycastle - security update
Published: 2018/10/17 | Modified: 2026/4/28
Description
In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.
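To make the missing check concrete, this added example (not Bouncy Castle's code) is a strict parser for a DER-encoded DSA signature, `SEQUENCE { r INTEGER, s INTEGER }`, that rejects any extra element inside the SEQUENCE, trailing bytes after it, and non-minimal encodings. The sample signatures are constructed values, not real signatures.

```python
def _read_tlv(buf, pos):
    """Return (tag, value, next_pos) for one DER TLV starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:
        length = first
    else:
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("bad length encoding")
        length = int.from_bytes(buf[pos:pos + n], "big")
        if length < 0x80 or buf[pos] == 0:
            raise ValueError("non-minimal length")  # DER allows only the shortest form
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated value")
    return tag, buf[pos:pos + length], pos + length

def _der_integer(value):
    """Decode a DER INTEGER body, rejecting empty and non-minimal encodings."""
    if not value:
        raise ValueError("empty INTEGER")
    if len(value) > 1 and ((value[0] == 0x00 and value[1] < 0x80) or
                           (value[0] == 0xFF and value[1] >= 0x80)):
        raise ValueError("non-minimal INTEGER")
    return int.from_bytes(value, "big", signed=True)

def parse_dsa_signature_strict(sig):
    """Return (r, s) from a DER DSA signature; raise ValueError on any deviation."""
    tag, body, end = _read_tlv(sig, 0)
    if tag != 0x30:
        raise ValueError("not a SEQUENCE")
    if end != len(sig):
        raise ValueError("trailing bytes after SEQUENCE")
    ints, pos = [], 0
    while pos < len(body):  # walk every element; do not stop after the first two
        t, v, pos = _read_tlv(body, pos)
        if t != 0x02:
            raise ValueError("non-INTEGER element in SEQUENCE")
        ints.append(_der_integer(v))
    if len(ints) != 2:
        raise ValueError(f"expected exactly 2 INTEGERs, found {len(ints)}")
    r, s = ints
    if r <= 0 or s <= 0:
        raise ValueError("r and s must be positive")
    return r, s

def accepts(sig):
    """True if the signature encoding passes strict validation."""
    try:
        parse_dsa_signature_strict(sig)
        return True
    except ValueError:
        return False

# Constructed samples: r = 0x1234, s = 0x5678; PADDED_SIG has a third INTEGER
# appended inside the SEQUENCE, the shape a lenient verifier would accept.
GOOD_SIG = bytes.fromhex("3008" "02021234" "02025678")
PADDED_SIG = bytes.fromhex("300b" "02021234" "02025678" "020101")
```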
Affected packages (5)
- Debian/bouncycastle from 0, < 1.56-1
- Debian/bouncycastle from 0, < 1.49+dfsg-3+deb8u3
- Maven/org.bouncycastle:bcprov-jdk14 >= 1.38, < 1.56
- Maven/org.bouncycastle:bcprov-jdk15 >= 1.38, < 1.56
- Maven/org.bouncycastle:bcprov-jdk15on >= 1.38, < 1.56
CVSS score
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
References (12)
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2016-1000338
- ADVISORY https://security-tracker.debian.org/tracker/CVE-2016-1000338
- PATCH https://github.com/bcgit/bc-java
- WEB https://access.redhat.com/errata/RHSA-2018:2669
- WEB https://access.redhat.com/errata/RHSA-2018:2927
- WEB https://github.com/bcgit/bc-java/commit/b0c3ce99d43d73a096268831d0d120ffc89eac7f#diff-3679f5a9d2b939d0d3ee1601a7774fb0
- WEB https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
- WEB https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E
- WEB https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html
- WEB https://security.netapp.com/advisory/ntap-20231006-0011
- WEB https://usn.ubuntu.com/3727-1
- WEB https://www.oracle.com/security-alerts/cpuoct2020.html