Vulnerability Database

289,689

Total vulnerabilities in the database

CVE-2013-1624

The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.

CVSS v2:

  • Severity: Low
  • Score: 4
  • AV:N/AC:H/Au:N/C:P/I:P/A:N

CWEs:

Software From Fixed in
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.25 1.25.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.40 1.40.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.43 1.43.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.08 1.08.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.20 1.20.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.17 1.17.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.15 1.15.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.42 1.42.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.32 1.32.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.27 1.27.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.41 1.41.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.14 1.14.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.01 1.01.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.30 1.30.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.21 1.21.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.04 1.04.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.07 1.07.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.19 1.19.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.39 1.39.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.23 1.23.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.02 1.02.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.45 1.45.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.09 1.09.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.38 1.38.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.35 1.35.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.05 1.05.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.24 1.24.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.29 1.29.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.12 1.12.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.26 1.26.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.13 1.13.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.33 1.33.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.22 1.22.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.46 1.46.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.16 1.16.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.37 1.37.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.18 1.18.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.28 1.28.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.11 1.11.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.06 1.06.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.31 1.31.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.44 1.44.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.47 1.47.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.10 1.10.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.03 1.03.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.34 1.34.x
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api 1.36 1.36.x
bouncycastle / legion-of-the-bouncy-castle-c#-cryptography-api 0.0 0.0.x
bouncycastle / legion-of-the-bouncy-castle-c#-cryptography-api 1.1 1.1.x
bouncycastle / legion-of-the-bouncy-castle-c#-cryptography-api 1.2 1.2.x
bouncycastle / legion-of-the-bouncy-castle-c#-cryptography-api 1.3 1.3.x
bouncycastle / legion-of-the-bouncy-castle-c#-cryptography-api 1.4 1.4.x
bouncycastle / legion-of-the-bouncy-castle-c#-cryptography-api 1.7 1.7.x
bouncycastle / legion-of-the-bouncy-castle-c#-cryptography-api 1.6.1 1.6.1.x
bouncycastle / legion-of-the-bouncy-castle-c#-cryptography-api 1.0 1.0.x
bouncycastle / legion-of-the-bouncy-castle-c#-cryptography-api 1.5 1.5.x
org.bouncycastle / bcprov-jdk15on - 1.48