VYPR

apk package

wolfi/ruby3.4-bouncy-castle-java

pkg:apk/wolfi/ruby3.4-bouncy-castle-java

Vulnerabilities (2)

  • CVE-2026-5598HigApr 15, 2026
    affected < 1.5.0146.1-r7fixed 1.5.0146.1-r7

    Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules). This vulnerability is associated with program files FrodoEngine.Java. This issue affects BC-JAVA: from 1.71 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.

  • CVE-2026-0636MedApr 15, 2026
    affected < 1.5.0146.1-r7fixed 1.5.0146.1-r7

    Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (prov modules). This vulnerability is associated with program files LDAPStoreHelper. This issue affects BC-JAVA: from