漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
PKIX draft CompositeVerifier accepts empty signature sequence as valid.
Vulnerability Description
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules), Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All (pkix modules). This vulnerability is associated with program files JcaContentVerifierProviderBuilder.Java. This issue affects BC-JAVA: from 1.67 before 1.84; BCPKIX-FIPS: from 2.0.6 before 2.0.11, from 2.1.7 before 2.1.11.
CVSS Information
N/A
Vulnerability Type
使用已被攻破或存在风险的密码学算法
Vulnerability Title
Bouncy Castle Java 安全漏洞
Vulnerability Description
Bouncy Castle Java是Legion of the Bouncy Castle Inc开源的一个加密算法程序。 Bouncy Castle Java 1.49至1.84之前版本存在安全漏洞,该漏洞源于使用有缺陷的加密算法,可能导致接受空签名序列为有效。
CVSS Information
N/A
Vulnerability Type
N/A