Back to search
CVE-2020-15522
Published: May 20, 2021
Modified: Aug 4, 2024
PUBLISHED
Description
Bouncy Castle BC Java before 1.66, BC C# .NET before 1.8.7, BC-FJA before 1.0.1.2, 1.0.2.1, and BC-FNA before 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of multiple deterministic ECDSA signatures.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://www.bouncycastle.org/releasenotes.html
x_refsource_MISC
https://github.com/bcgit/bc-java/wiki/CVE-2020-15522
x_refsource_MISC
https://github.com/bcgit/bc-csharp/wiki/CVE-2020-15522
x_refsource_MISC
https://security.netapp.com/advisory/ntap-20210622-0007/
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now