{"id":"CVE-2016-1000342","details":"In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.","aliases":["GHSA-qcj7-g2j5-g7r3"],"modified":"2026-04-16T06:18:12.871488056Z","published":"2018-06-04T13:29:00.387Z","related":["openSUSE-SU-2024:10661-1"],"references":[{"type":"WEB","url":"https://usn.ubuntu.com/3727-1/"},{"type":"WEB","url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:2669"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:2927"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20181127-0004/"},{"type":"FIX","url":"https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647#diff-25c3c78db788365f36839b3f2d3016b9"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/bcgit/bc-java","events":[{"introduced":"0"},{"last_affected":"70b39c9a84327f522bcbe89d5a5fda65ebf630ac"},{"fixed":"843c2e60f67d71faf81d236f448ebbe56c62c647"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.55"}]}}],"versions":["r1rv49","r1rv50","r1rv51","r1rv52","r1rv53","r1rv54","r1rv55"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-1000342.json","vanir_signatures":[{"signature_type":"Line","source":"https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647","deprecated":false,"target":{"file":"core/src/main/java/org/bouncycastle/asn1/ASN1Integer.java"},"signature_version":"v1","id":"CVE-2016-1000342-249f616d","digest":{"threshold":0.9,"line_hashes":["257425269983222656219842717844715799170","26163569507345588708699232633355024666","225570389164221845432034441669936621194","180875236743972398055858563081505182187"]}},{"signature_type":"Line","source":"https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647","deprecated":false,"target":{"file":"core/src/main/java/org/bouncycastle/asn1/ASN1Enumerated.java"},"signature_version":"v1","id":"CVE-2016-1000342-46405252","digest":{"threshold":0.9,"line_hashes":["215219807747928108828833443599509753831","137041855321333326620864517687760704463","312146796212084741363458877722545616664","333414212967175228106611218747642255707"]}},{"target":{"function":"performTest","file":"core/src/test/java/org/bouncycastle/asn1/test/MiscTest.java"},"source":"https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647","signature_type":"Function","deprecated":false,"signature_version":"v1","id":"CVE-2016-1000342-6a71e645","digest":{"length":1059,"function_hash":"220933315659328942017981122338364204839"}},{"target":{"function":"decode","file":"prov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java"},"source":"https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647","signature_type":"Function","deprecated":false,"signature_version":"v1","id":"CVE-2016-1000342-748b62ce","digest":{"length":312,"function_hash":"278734910691241586643841700662906844285"}},{"signature_type":"Function","source":"https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647","deprecated":false,"target":{"function":"performTest","file":"prov/src/test/java/org/bouncycastle/jce/provider/test/ECDSA5Test.java"},"signature_version":"v1","id":"CVE-2016-1000342-8e601e0e","digest":{"length":219,"function_hash":"166629354532108070822167463130104286425"}},{"signature_type":"Line","source":"https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647","deprecated":false,"target":{"file":"core/src/test/java/org/bouncycastle/asn1/test/MiscTest.java"},"signature_version":"v1","id":"CVE-2016-1000342-907612d2","digest":{"threshold":0.9,"line_hashes":["319832358133027760288406488179077845721","161554379034724302030412672270464084874","135866590029664887321722074693148922208","282554236972122305574605806433117152527","98617986319438485454557457878854810841","15230371495072646291502884156367326882","109391545642665904104121926837062339161","329942142184009405323326196099659975311","119261302162161531581944348082986241849","176395810663714459922131484924591176350","45882598256556373638042035379670621227","173954566142468940627506458882626977811"]}},{"target":{"function":"derDecode","file":"prov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java"},"source":"https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647","signature_type":"Function","deprecated":false,"signature_version":"v1","id":"CVE-2016-1000342-93adda44","digest":{"length":316,"function_hash":"100393218655753613535427303270331315545"}},{"signature_type":"Function","source":"https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647","deprecated":false,"target":{"function":"ASN1Enumerated","file":"core/src/main/java/org/bouncycastle/asn1/ASN1Enumerated.java"},"signature_version":"v1","id":"CVE-2016-1000342-a0313d0b","digest":{"length":73,"function_hash":"212919764925938076734138100248791307244"}},{"target":{"function":"ASN1Integer","file":"core/src/main/java/org/bouncycastle/asn1/ASN1Integer.java"},"source":"https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647","signature_type":"Function","deprecated":false,"signature_version":"v1","id":"CVE-2016-1000342-c4efb6b8","digest":{"length":113,"function_hash":"87277759174644206792808356571638029592"}},{"signature_type":"Line","source":"https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647","deprecated":false,"target":{"file":"prov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java"},"signature_version":"v1","id":"CVE-2016-1000342-c55c799d","digest":{"threshold":0.9,"line_hashes":["51575529188658924818262151907613048932","53804009320531330339798477897393208475","116766493604351544922730511529458697490","296219117245715262958522001024846181724","260037792847250757838585266527247876251","106023638279590469487116763667129695452","216554689925364997874886150330321602023","79174272103476305712229887461463509162"]}},{"signature_type":"Line","source":"https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647","deprecated":false,"target":{"file":"prov/src/test/java/org/bouncycastle/jce/provider/test/ECDSA5Test.java"},"signature_version":"v1","id":"CVE-2016-1000342-c80ee0ec","digest":{"threshold":0.9,"line_hashes":["24550506322454198274180104319250219573","10870921454543669044138594081539810575","137058703302594774882029851823261879650","109219649528369884105762375967863617225","12542597924490212169347186152649989443","250225563269739024776859862032011025272","162611985868095469436374288174448598731","301298247282705924415091856729898431427","270322147511697990977939735534363583718","267723631221442801979097145696147437307","333754584384245501510468932543670420434","95775528828519581547333337077531557901","255444633053792748649047472320548636514","77702661047941994212636052582839756337","218362899406139982128665981079495061687","267701081813205585641020875484255778466","282900258518192890822833212550327400586","42247563924466169329151964419179810317","305156217157970354116377045128032748556","84381330538997707181186662728407857200","21151889711636680407941018529401413623","146688562715650779932072815864015335946","45791118173062655934413331128136442056","252234620855861422697330095988304075064","98827027973841999852147393637186809144","37778187173338366173887991381752707035","255060137682497709733805931940840276922","192152789737413084231629543229019950482","146497084855399997216800535950748212207","8601816038566739568701924393377900104","239107758723751931934210481455025413734","6210276050360086999357623721106798191","189720666618071301287421961960704805124","89545306349454993943609960862077008187","150187605613290915177503421566354612678","45432455463430162153393867276250187723","49405386426579685105467801073350762743","243066268558506473201644747020961881099","314251582956150229583095294837805689876","280781712862262370938980245438683006697","234072376088645195498147807289837054814","154394356217229007638643697429246061739","201766004821667736829225520549987290507","132173023120433608733139929765157354008","106217611029078652437124474330450631094","68055518102091055513090752946728865271","33321909900317436863388198582832936542","50654284557559235614672983468154856746","95879223297704032598828566594763070999","274802503416377680511730102301217745807","263277826238649455317368260817011299672","316821212726901757359000468453287419169","299615412578062664442550638220156875345","333234319198126805377435987901462257828","320902565554811587481147828894186492091","83814266553281279233905939109741963617","322866554232823701751711121996053268451","202911388302372306351971113799253465154","94367309541019469473522573728954937661","311207748570323304208045646877195483088","107455127301978438050229771050425880562","192942889693156414466677728326555651642","192355467144009100059245327819035284629","139953110793753575491031031278376858613","230698688361582889158800829169497771335","102679870586076814005990154480374177306","252011344313911923086841341979286042550","43796381533312842743268473867235076700","285509233014735751526516145254854606639","54723454569702465699575746741766715382","180090142483310392355458193778070152056","119697028093917144273703221409118316661","39236455861373914212635252980788364997","43364949489922472630736115498544946726","27868396786232242728198712402480171116","66830154731983965891476668575052368787","137115198540682716104386204495433079369","151770695493601038897032322474244540020","320915024508569044507367704018422438589","324736032187999448721509456958700943383","46767811646565222802071529149289021957","112144537612813678861413983900222896804","198180276975540181065544278131915706770","49434010950524073634862115041030128125","45432455463430162153393867276250187723","49405386426579685105467801073350762743","243066268558506473201644747020961881099","314251582956150229583095294837805689876","280781712862262370938980245438683006697","234072376088645195498147807289837054814","1951800543720477837056577763739793521","205281333345782348683605077537691345660","23518148289621097149341695395388438283","89146136735038338387541002370330274978","289077585363108134731906429160112479101","167132570196262597453948642033293131747","195402957403452026280617226773209080323","199849477526740800518428973338713971574","230550055001624889933335358727706878595","18078917092124440131946864326442485505","243249246988460866648517857909074427459","100844139142952997850705415219414928786","283775190167060732858653772775568980129","275855504869858235684156305681543672260","141583259393955081835319688182619216046","322350508892420032859618633818442533884","72497349367352800303915748813017780801","273860486387223142705826350849608048263","57701850416043928046356745466103280094","70348778597374679643851716522146806164","114899832988249711298528525563874673626","174331837681323776013817745202389337023","44445359183843133108750582288676919656","152328924997472999216818251350142484606","204396789255110549200529091642817964368","86765470063216216284500162679793115768","197700397733475967827882809781018692235","314456863513503196942591252478574911082","228701181864047348202228418062034103138","126974711024112313829153056160283257896","72773335433136164633509571724834657277","136626994454780660102234034049867882203","257598025120703473450111619719624269547","284034265740311913517519924109122242081","288862661286002856887139988812115643269","155084060787730193507350756703944211816","183664752886138785649697969913334019058","237392234714405169957697994219540413220","145532043215669667427752749012318836","191111942178987437274680594523147288432","38948671665698212368545524807535200060","320113562205362922121715964658120880707","90210092506469579500330739982440998903","150755779915039616650982950186322316159","190242612720004326271248521609149040464","300254822935532982500282356011048396573","309127774862841362053757758353499807868","22883070364637283545061955032372669785","296742567743586948105516980100598221485","257507488683985178861304255482563901659","212435565397029009515188204870636354136","128402622077010041092948694919035807142","256229870397116995811119921481405601195","150729929333214475714821393679993543265","201239472720753378471368147852545645687","50348890445711158276393604465613099928","226968921220429700069905001694023300971","262026129866007246631841909656875444841","169543724255397462280321885256570424456","236252312362542923467955634389658884135","237666651887395215504419744054639804892","321286008977001109901347496280261631878","297596651538282087114877033152352586141","52788950046790536061019508819507385495","334717687984906351876015017282026947151","87761432312862012814286132314525502506","316847827313078930434752910257781693261","4968908499089915763853188923857963104","19204610291099095136410975051020036907","161374838074741889965706815960646264073","321481009807618678290061659785401357103","58947739515433813260128220652485392803"]}},{"digest":{"threshold":0.9,"line_hashes":["177096546541748867367699780445057275796","175169187112491961158928739515511190834","237037185336860219074247505274982189088","8787383257664020889431354964410337547","38540829165118039058582367117072218841","264167280836535600889299342201772795234","303454827840705382374021863600642451851","5283545115524138254617159394901560465","54339207175021658509884097720332228201","218625212133909611484304573071760215628","267096831272934439079272463386709377869","260621397118956908602503841567252636523"]},"source":"https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647","deprecated":false,"target":{"file":"prov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java"},"signature_version":"v1","id":"CVE-2016-1000342-deb37df3","signature_type":"Line"},{"target":{"file":"prov/src/test/java/org/bouncycastle/jce/provider/test/DSATest.java"},"source":"https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647","signature_type":"Line","deprecated":false,"signature_version":"v1","id":"CVE-2016-1000342-ff61f771","digest":{"threshold":0.9,"line_hashes":["147470155920277528110411409437537909400","271712012220061427488427756957726932476","190245558476828372758443146424986729486","179693620519994112302358845783008834318"]}}],"vanir_signatures_modified":"2026-04-11T03:36:43Z","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}]}