Skip to content

False Negative : Bouncycastle #1500

Closed
Closed
False Negative : Bouncycastle#1500
Labels
bug
@stboissdev

Description

@stboissdev
stboissdev
opened on Sep 25, 2018

for org.bouncycastle:bcprov-jdk15:1.46, 3 vulnerabilities exists (https://snyk.io/vuln/maven:org.bouncycastle:bcprov-jdk15 : CVE-2013-1624, CVE-2015-7940, CVE-2018-5382) but only one (CVE-2015-7940) is discover by ODC

<dependency>
   <groupId>org.bouncycastle</groupId>
   <artifactId>bcprov-jdk15</artifactId>
   <version>1.46</version>
</dependency>

cpe:2.3:a:bouncycastle:bouncy_castle_crypto_package:*:*:*:*:*:*:*:*
or
cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:*:*:*:*:*:*:*:*

Metadata

Metadata

Assignees

No one assigned

    Labels

    bug

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions