Vulnerability Description
In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.crypto.encodings.OAEPEncoding. Sending invalid ciphertext that decrypts to a short payload in the OAEP Decoder could result in the throwing of an early exception, potentially leaking some information about the private exponent of the RSA private key performing the encryption.
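The difference in error behaviour described above, as an added illustration that is not Bouncy Castle's code or patch: `decode(..., true)` rejects a short payload before any unmasking, while `decode(..., false)` pads it to full size, does the same work for every input and raises one generic error. The class name, the SHA-256/empty-label choice and the 255-byte block size (2048-bit modulus) are assumptions.

```java
import java.security.MessageDigest;
import java.util.Arrays;

public class OaepDecodeSketch {
    static final int H = 32;   // SHA-256 digest length (assumed hash)
    static final int K = 255;  // assumed block size: 2048-bit modulus, leading zero stripped

    static byte[] mgf1(byte[] in, int off, int len, int outLen) throws Exception {
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        byte[] out = new byte[outLen];
        for (int c = 0, pos = 0; pos < outLen; c++, pos += H) {
            md.update(in, off, len);
            md.update(new byte[] {(byte) (c >>> 24), (byte) (c >>> 16), (byte) (c >>> 8), (byte) c});
            System.arraycopy(md.digest(), 0, out, pos, Math.min(H, outLen - pos));
        }
        return out;
    }

    // data: result of the raw RSA private-key operation; may be shorter than K.
    static byte[] decode(byte[] data, boolean earlyReject) throws Exception {
        if (earlyReject && data.length < 2 * H + 1) {
            // Pattern from the description: short payloads fail before any other work.
            throw new IllegalArgumentException("data too short");
        }
        // Deferred check: remember the length problem, keep processing a full-size block.
        boolean wrong = data.length < 2 * H + 1 || data.length > K;
        byte[] block = new byte[K];
        int n = Math.min(data.length, K);
        System.arraycopy(data, 0, block, K - n, n);      // right-align, zero-fill the front

        byte[] mask = mgf1(block, H, K - H, H);          // unmask the seed
        for (int i = 0; i < H; i++) block[i] ^= mask[i];
        mask = mgf1(block, 0, H, K - H);                 // unmask the data block
        for (int i = H; i < K; i++) block[i] ^= mask[i - H];

        byte[] lHash = MessageDigest.getInstance("SHA-256").digest(new byte[0]);
        int diff = 0, start = K;
        for (int i = 0; i < H; i++) diff |= lHash[i] ^ block[H + i];
        for (int i = 2 * H; i < K; i++) {
            if (block[i] != 0 & start == K) start = i;   // first non-zero byte after lHash
        }
        boolean noSeparator = start == K || block[start] != 1;
        // Every failure cause ends in the same exception, raised at the same point.
        if (wrong | diff != 0 | noSeparator) throw new IllegalArgumentException("data wrong");
        return Arrays.copyOfRange(block, start + 1, K);
    }

    public static void main(String[] args) throws Exception {
        byte[] shortData = new byte[10];                 // constructed sample: too-short payload
        for (boolean early : new boolean[] {true, false}) {
            try { decode(shortData, early); }
            catch (IllegalArgumentException e) { System.out.println(early + " -> " + e.getMessage()); }
        }
    }
}
```

Java gives no strict constant-time guarantee, so the deferred variant narrows the observable difference rather than proving its absence; upgrading to the fixed versions listed under Affected Products is the actual remediation.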
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bouncycastle | Fips Java Api | < 1.0.1.2 |
| Bouncycastle | Legion-Of-The-Bouncy-Castle | < 1.61 |
Related Weaknesses (CWE)
References
- https://github.com/bcgit/bc-java/wiki/CVE-2020-26939 (Patch, Third Party Advisory)
- https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b
FAQ
What is CVE-2020-26939?
CVE-2020-26939 is a vulnerability with a CVSS score of 5.3 (MEDIUM). In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inpu...
How severe is CVE-2020-26939?
CVE-2020-26939 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-26939?
Check the references section above for vendor advisories and patch information. Affected products include: Bouncycastle Fips Java Api, Bouncycastle Legion-Of-The-Bouncy-Castle.