Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
Description
The BouncyCastle dependency should be updated. The current version used has numerous CVEs:
bcprov-ext-jdk15on-1.51.jar (pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.51) : CVE-2015-6644, CVE-2016-1000338, CVE-2016-1000339, CVE-2016-1000340, CVE-2016-1000341, CVE-2016-1000342, CVE-2016-1000343, CVE-2016-1000344, CVE-2016-1000345, CVE-2016-1000346, CVE-2016-1000352, CVE-2017-13098, CVE-2018-1000613
Attachments
Issue Links
- links to