cvelist/2016/1000xxx/CVE-2016-1000344.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "dgh@bouncycastle.org",
      "ID" : "CVE-2016-1000344",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "Bouncy Castle JCE Provider",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "1.55 and before"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "The Legion of the Bouncy Castle Inc."
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "CWE-327: Use of a Broken or Risky Cryptographic Algorithm"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f",
            "refsource" : "CONFIRM",
            "url" : "https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f"
         },
         {
            "name" : "https://security.netapp.com/advisory/ntap-20181127-0004/",
            "refsource" : "CONFIRM",
            "url" : "https://security.netapp.com/advisory/ntap-20181127-0004/"
         },
         {
            "name" : "RHSA-2018:2669",
            "refsource" : "REDHAT",
            "url" : "https://access.redhat.com/errata/RHSA-2018:2669"
         },
         {
            "name" : "RHSA-2018:2927",
            "refsource" : "REDHAT",
            "url" : "https://access.redhat.com/errata/RHSA-2018:2927"
         }
      ]
   }
}
more bouncycastle CVEs 2018-06-04 13:28:03 -06:00			`{`
- Synchronized data. 2018-06-04 17:03:58 -04:00			`"CVE_data_meta" : {`
			`"ASSIGNER" : "dgh@bouncycastle.org",`
			`"ID" : "CVE-2016-1000344",`
			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "Bouncy Castle JCE Provider",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_value" : "1.55 and before"`
			`}`
			`]`
			`}`
			`}`
more bouncycastle CVEs 2018-06-04 13:28:03 -06:00			`]`
- Synchronized data. 2018-06-04 17:03:58 -04:00			`},`
			`"vendor_name" : "The Legion of the Bouncy Castle Inc."`
			`}`
			`]`
			`}`
			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "CWE-327: Use of a Broken or Risky Cryptographic Algorithm"`
			`}`
more bouncycastle CVEs 2018-06-04 13:28:03 -06:00			`]`
- Synchronized data. 2018-06-04 17:03:58 -04:00			`}`
more bouncycastle CVEs 2018-06-04 13:28:03 -06:00			`]`
- Synchronized data. 2018-06-04 17:03:58 -04:00			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
			`"name" : "https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f",`
			`"refsource" : "CONFIRM",`
			`"url" : "https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f"`
- Synchronized data. 2018-09-12 06:07:32 -04:00			`},`
- Synchronized data. 2018-11-28 06:09:16 -05:00			`{`
			`"name" : "https://security.netapp.com/advisory/ntap-20181127-0004/",`
			`"refsource" : "CONFIRM",`
			`"url" : "https://security.netapp.com/advisory/ntap-20181127-0004/"`
			`},`
- Synchronized data. 2018-09-12 06:07:32 -04:00			`{`
			`"name" : "RHSA-2018:2669",`
			`"refsource" : "REDHAT",`
			`"url" : "https://access.redhat.com/errata/RHSA-2018:2669"`
- Synchronized data. 2018-10-17 06:08:18 -04:00			`},`
			`{`
			`"name" : "RHSA-2018:2927",`
			`"refsource" : "REDHAT",`
			`"url" : "https://access.redhat.com/errata/RHSA-2018:2927"`
- Synchronized data. 2018-06-04 17:03:58 -04:00			`}`
			`]`
			`}`
more bouncycastle CVEs 2018-06-04 13:28:03 -06:00			`}`