CVE-2020-26939

Published: Nov 2, 2020Modified: Jul 17, 2025

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.crypto.encodings.OAEPEncoding. Sending invalid ciphertext that decrypts to a short payload in the OAEP Decoder could result in the throwing of an early exception, potentially leaking some information about the private exponent of the RSA private key performing the encryption.

Affected (2)

Products: Bouncycastle: Fips Java Api, Legion Of The Bouncy Castle

2 products

Legion Of The Bouncy Castle

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Bouncycastle Fips Java Api	Before 1.0.1.2
Bouncycastle Legion Of The Bouncy Castle	Before 1.61

Related CWEs

Observable Discrepancy

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.

References (4)

https://github.com/bcgit/bc-java/wiki/CVE-2020-26939

Source: cve@mitre.org

PatchThird Party Advisory

https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e%40%3Cissues.solr.apache.org%3E

Source: cve@mitre.org

https://github.com/bcgit/bc-java/wiki/CVE-2020-26939

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://lists.apache.org/thread.html/r8c36ba34e80e05eecb1f80071cc834d705616f315b634ec0c7d8f42e%40%3Cissues.solr.apache.org%3E

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.