FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
89d5bca6-0150-11ec-bf0c-080027eedc6aThe Bouncy Castle Crypto APIs -- EC math vulnerability

The Bouncy Castle team reports::

Bouncy Castle BC Java before 1.66 has a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of multiple deterministic ECDSA signatures.


Discovery 2020-07-04
Entry 2021-08-20
bouncycastle15
lt 1.66

bouncycastle
lt 1.66

CVE-2020-15522
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15522