bouncycastle legion-bouncy-castle-java-crytography-api CVE-2020-28052 vulnerability in Bouncycastle and Other Products
Published on December 18, 2020

product logo product logo product logo product logo
An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password, allowing incorrect passwords to indicate they were matching with previously hashed ones that were different.

NVD


Products Associated with CVE-2020-28052

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-28052 are published in these products:

Bouncycastle Legion Bouncy Castle Java Crytography Api
 
Apache Solr
 
Apache Karaf
 
Oracle Communications Application Session Controller
 
Oracle Communications Cloud Native Core Network Slice Selection Function
 
Oracle Communications Pricing Design Center
 
Oracle Jd Edwards Enterpriseone Tools
 
Oracle Peoplesoft Enterprise Peopletools
 
Oracle Utilities Framework
 
Oracle Webcenter Portal
 
Oracle Communications Messaging Server
 
Oracle Banking Corporate Lending Process Management
 
Oracle Banking Credit Facilities Process Management
 
Oracle Banking Extensibility Workbench
 
Oracle Banking Supply Chain Finance
 
Oracle Banking Virtual Account Management
 
Oracle Communications Session Report Manager
 
Oracle Communications Session Route Manager
 
Oracle Communications Convergence
 
Oracle Blockchain Platform
 
Oracle Commerce Guided Search
 
Bouncycastle Bc Java
 

Exploit Probability

EPSS
3.06%
Percentile
86.46%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.