Ecosyste.ms: Advisories

Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR2aGotOThyNi00MjRo

In Bouncy Castle JCE Provider it is possible to inject extra elements in the sequence making up the signature and still have it validate

In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.

Permalink: https://github.com/advisories/GHSA-4vhj-98r6-424h
JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR2aGotOThyNi00MjRo
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: about 6 years ago
Updated: 4 months ago

CVSS Score: 7.5
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS Percentage: 0.00561
EPSS Percentile: 0.77953

Identifiers: GHSA-4vhj-98r6-424h, CVE-2016-1000338
References:

• https://nvd.nist.gov/vuln/detail/CVE-2016-1000338
• https://github.com/bcgit/bc-java/commit/b0c3ce99d43d73a096268831d0d120ffc89eac7f#diff-3679f5a9d2b939d0d3ee1601a7774fb0
• https://access.redhat.com/errata/RHSA-2018:2669
• https://access.redhat.com/errata/RHSA-2018:2927
• https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
• https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html
• https://www.oracle.com/security-alerts/cpuoct2020.html
• https://security.netapp.com/advisory/ntap-20231006-0011
• https://usn.ubuntu.com/3727-1
• https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E
• https://github.com/advisories/GHSA-4vhj-98r6-424h

Repository: https://github.com/bcgit/bc-java
Blast Radius: 22.5

Affected Packages