Vulnerabilities: 3 via 3 paths

Dependencies: 77

Source: GitHub


high severity

Use of a Broken or Risky Cryptographic Algorithm

  • Vulnerable module: org.bouncycastle:bcprov-jdk18on
  • Introduced through: org.springframework.cloud:spring-cloud-config-server@5.0.4

Detailed paths

  • Introduced through: ar-ecommerce-platform/config-server@ar-ecommerce-platform/config-server > org.springframework.cloud:spring-cloud-config-server@5.0.4 > org.springframework.cloud:spring-cloud-config-client@5.0.4 > org.springframework.cloud:spring-cloud-starter@5.0.2 > org.bouncycastle:bcprov-jdk18on@1.81.1

Overview

Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm due to the generateCTR process in G3413CTRBlockCipher. An attacker can recover relationships between encrypted plaintext blocks by driving the cipher past its counter range and causing the counter to wrap, which makes the stream repeat and produces identical ciphertext for different blocks. This breaks the confidentiality of data protected with G3413CTRBlockCipher and can expose plaintext patterns or allow plaintext recovery when the same key and IV are reused across enough blocks.

Remediation

Upgrade org.bouncycastle:bcprov-jdk18on to version 1.84 or higher.

high severity

Timing Attack

  • Vulnerable module: org.bouncycastle:bcprov-jdk18on
  • Introduced through: org.springframework.cloud:spring-cloud-config-server@5.0.4

Detailed paths

  • Introduced through: ar-ecommerce-platform/config-server@ar-ecommerce-platform/config-server > org.springframework.cloud:spring-cloud-config-server@5.0.4 > org.springframework.cloud:spring-cloud-config-client@5.0.4 > org.springframework.cloud:spring-cloud-starter@5.0.2 > org.bouncycastle:bcprov-jdk18on@1.81.1

Overview

Affected versions of this package are vulnerable to Timing Attack through the sample and sample_matrix functions in FrodoEngine.java. An attacker can recover information about the sampled noise values by observing how long Frodo key generation or encapsulation takes when it processes attacker-influenced inputs. The variable-time comparison and sign handling in the error sampler leak the distribution of the generated samples, weakening the secrecy of the private Frodo noise and enabling key-recovery attacks against affected deployments.

Remediation

Upgrade org.bouncycastle:bcprov-jdk18on to version 1.84 or higher.

medium severity

LDAP Injection

  • Vulnerable module: org.bouncycastle:bcprov-jdk18on
  • Introduced through: org.springframework.cloud:spring-cloud-config-server@5.0.4

Detailed paths

  • Introduced through: ar-ecommerce-platform/config-server@ar-ecommerce-platform/config-server > org.springframework.cloud:spring-cloud-config-server@5.0.4 > org.springframework.cloud:spring-cloud-config-client@5.0.4 > org.springframework.cloud:spring-cloud-starter@5.0.2 > org.bouncycastle:bcprov-jdk18on@1.81.1

Overview

Affected versions of this package are vulnerable to LDAP Injection via the parseDN handling and the LDAP store helpers in X509LDAPCertStoreSpi and LDAPStoreHelper. An attacker can influence LDAP search filters by supplying a crafted X.500 subject or issuer string that is parsed into an unescaped filter value. This lets the attacker alter the directory query used to locate certificates and CRLs, causing the application to retrieve incorrect LDAP entries or fail to find the intended ones, which can break certificate validation and revocation checks.

Remediation

Upgrade org.bouncycastle:bcprov-jdk18on to version 1.84 or higher.
