VDB
DEBIAN-CVE-2020-15522
DEBIAN-CVE-2020-15522
PUBLISHED
CVSS 5.900000095367432 MEDIUM
Bouncy Castle BC Java before 1.66, BC C# .NET before 1.8.7, BC-FJA before 1.0.1.2, 1.0.2.1, and BC-FNA before 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of multiple deterministic ECDSA signatures.
Risk Scores
CVSS 3.1
5.900000095367432
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | bouncycastle | 0, 0, 0 |
| Debian:14 | bouncycastle | 0, 0, 0 |
| Debian:11 | bouncycastle | 0, 0, 0 |
| Debian:13 | bouncycastle | 0, 0, 0 |
Timeline
- May 20, 2021 CVE Published
- Apr 28, 2026 CVE Updated