[#11491] - CVE-2016-1000338 - Bouncy Castle Crypto package

Category:
Bug report
Priority:
High
Status:
New
Project: Severity:
Major
Resolution:
Open
Component: Reproducibility:
Always
Assigned to:
0

The following vulnrability has been detected by Snyk, any plans to update the version 1.60 of The Bouncy Castle Crypto package?

CVE-2016-1000338

Vulnerable module: org.bouncycastle:bcprov-jdk15on
Introduced through: net.sf.jasperreports:jasperreports@6.7.0

https://app.snyk.io/vuln/SNYK-JAVA-ORGBOUNCYCASTLE-32340

v6.7.0
costa.christodoulou's picture
Joined: Dec 5 2018 - 5:49am
Last seen: 2 months 1 week ago
Feedback
randomness