Description
In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.
References (8)
Core 8
Core References
Mailing List, Third Party Advisory mailing-list
https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html
Third Party Advisory vendor-advisory
https://access.redhat.com/errata/RHSA-2018:2669
Third Party Advisory vendor-advisory
https://usn.ubuntu.com/3727-1/
Third Party Advisory vendor-advisory
https://access.redhat.com/errata/RHSA-2018:2927
Third Party Advisory mailing-list
https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E
Patch, Third Party Advisory
https://github.com/bcgit/bc-java/commit/b0c3ce99d43d73a096268831d0d120ffc89eac7f#diff-3679f5a9d2b939d0d3ee1601a7774fb0
Third Party Advisory
https://security.netapp.com/advisory/ntap-20231006-0011/
Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2020.html
Scores
CVSS v3
7.5
EPSS
0.0185
EPSS Percentile
76.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-347
Status
published
Products (8)
bouncycastle/legion-of-the-bouncy-castle-java-crytography-api
1.38 - 1.56
canonical/ubuntu_linux
14.04
netapp/7-mode_transition_tool
org.bouncycastle/bcprov-jdk14
1.38 - 1.56Maven
org.bouncycastle/bcprov-jdk15
1.38 - 1.56Maven
org.bouncycastle/bcprov-jdk15on
1.38 - 1.56Maven
redhat/satellite
6.4
redhat/satellite_capsule
6.4
Published
Jun 01, 2018
Tracked Since
Feb 18, 2026