DescriptionThe Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes."
Overall state of this security issue: Ignore
This issue is currently rated as having critical severity.
|National Vulnerability Database|
- TID7021937, published Sa 3. Mär 12:00:22 CET 2018