{"id":"GHSA-rrvx-pwf8-p59p","summary":"In Bouncy Castle JCE Provider the DSA key pair generator generates a weak private key if used with default values","details":"In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a weak private key if used with default values. If the JCA key pair generator is not explicitly initialised with DSA parameters, 1.55 and earlier generates a private value assuming a 1024 bit key size. In earlier releases this can be dealt with by explicitly passing parameters to the key pair generator.","aliases":["CVE-2016-1000343"],"modified":"2025-09-12T20:11:26.404347Z","published":"2018-10-17T16:24:22Z","database_specific":{"github_reviewed_at":"2020-06-16T21:55:50Z","github_reviewed":true,"nvd_published_at":"2018-06-04T13:29:00Z","cwe_ids":[],"severity":"HIGH"},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1000343"},{"type":"WEB","url":"https://github.com/bcgit/bc-java/commit/50a53068c094d6cff37659da33c9b4505becd389#diff-5578e61500abb2b87b300d3114bdfd7d"},{"type":"WEB","url":"https://access.redhat.com/errata/RHSA-2018:2669"},{"type":"WEB","url":"https://access.redhat.com/errata/RHSA-2018:2927"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-rrvx-pwf8-p59p"},{"type":"PACKAGE","url":"https://github.com/bcgit/bc-java"},{"type":"WEB","url":"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html"},{"type":"WEB","url":"https://security.netapp.com/advisory/ntap-20181127-0004"},{"type":"WEB","url":"https://usn.ubuntu.com/3727-1"},{"type":"WEB","url":"https://www.oracle.com/security-alerts/cpuoct2020.html"}],"affected":[{"package":{"name":"org.bouncycastle:bcprov-jdk14","ecosystem":"Maven","purl":"pkg:maven/org.bouncycastle/bcprov-jdk14"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.56"}]}],"versions":["1.38","1.43","1.44","1.45","1.46","1.47","1.48","1.49","1.50","1.51","1.53","1.54","1.55"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-rrvx-pwf8-p59p/GHSA-rrvx-pwf8-p59p.json"}},{"package":{"name":"org.bouncycastle:bcprov-jdk15","ecosystem":"Maven","purl":"pkg:maven/org.bouncycastle/bcprov-jdk15"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.56"}]}],"versions":["1.32","1.38","1.40","1.43","1.44","1.45","1.46"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-rrvx-pwf8-p59p/GHSA-rrvx-pwf8-p59p.json"}},{"package":{"name":"org.bouncycastle:bcprov-jdk15on","ecosystem":"Maven","purl":"pkg:maven/org.bouncycastle/bcprov-jdk15on"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.56"}]}],"versions":["1.46","1.47","1.48","1.49","1.50","1.51","1.52","1.53","1.54","1.55"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-rrvx-pwf8-p59p/GHSA-rrvx-pwf8-p59p.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}