CVE-2018-1000613
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-1000613
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1000613.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-1000613
- Aliases
- Downstream
- Related
- Published
- 2018-07-09T20:29:00Z
- Modified
- 2025-10-14T14:33:41Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserialization that can result in Deserializing an XMSS/XMSS^MT private key can result in the execution of unexpected code. This attack appear to be exploitable via A handcrafted private key can include references to unexpected classes which will be picked up from the class path for the executing application. This vulnerability appears to have been fixed in 1.60 and later.
- References
-
- http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00011.html
- https://security.netapp.com/advisory/ntap-20190204-0003/
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
- https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
- https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
- https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
- https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223#diff-2c06e2edef41db889ee14899e12bd574
- https://github.com/bcgit/bc-java/commit/cd98322b171b15b3f88c5ec871175147893c31e6#diff-148a6c098af0199192d6aede960f45dc
Affected packages
Git / github.com/bcgit/bc-java
Affected ranges
- Type
- GIT
- Repo
- https://github.com/bcgit/bc-java
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixed
Database specific
{
"vanir_signatures": [
{
"signature_version": "v1",
"target": {
"file": "core/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nField.java"
},
"signature_type": "Line",
"source": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223",
"deprecated": false,
"digest": {
"line_hashes": [
"79775469864887449031726992528092264216",
"158020448775076717148906996085300653576",
"275812659444679279030003262053263665824",
"57278503947585445859251767525831897581",
"74119756330458871783370921674018064942",
"118273411051918065845843923256924887946",
"148852442757008927333200580381873057503",
"250998592048132938674930204515358802923",
"125163840561745554936585815403948754961",
"63304757771489612095144266106989644249",
"170001266251636232580758292101570792059",
"184593933047307143404523881051729105411",
"303344212268304043901630747029593601039"
],
"threshold": 0.9
},
"id": "CVE-2018-1000613-06e2ce67"
},
{
"signature_version": "v1",
"target": {
"function": "checkParams",
"file": "core/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowParameters.java"
},
"signature_type": "Function",
"source": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223",
"deprecated": false,
"digest": {
"length": 381.0,
"function_hash": "227223140369740245223948291231522035309"
},
"id": "CVE-2018-1000613-0cc263f0"
},
{
"signature_version": "v1",
"target": {
"function": "toByteArray",
"file": "core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTPrivateKeyParameters.java"
},
"signature_type": "Function",
"source": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223",
"deprecated": false,
"digest": {
"length": 821.0,
"function_hash": "327952941261157767834331833929653754052"
},
"id": "CVE-2018-1000613-11735383"
},
{
"signature_version": "v1",
"target": {
"function": "XMSSMTPrivateKeyParameters",
"file": "core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTPrivateKeyParameters.java"
},
"signature_type": "Function",
"source": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223",
"deprecated": false,
"digest": {
"length": 2444.0,
"function_hash": "40593747632515616269105429577166518626"
},
"id": "CVE-2018-1000613-179e39bb"
},
{
"signature_version": "v1",
"target": {
"function": "invertMatrix",
"file": "core/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nField.java"
},
"signature_type": "Function",
"source": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223",
"deprecated": false,
"digest": {
"length": 1237.0,
"function_hash": "291749205239641627064544993430321062559"
},
"id": "CVE-2018-1000613-2f8456ff"
},
{
"signature_version": "v1",
"target": {
"file": "core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSUtil.java"
},
"signature_type": "Line",
"source": "https://github.com/bcgit/bc-java/commit/cd98322b171b15b3f88c5ec871175147893c31e6",
"deprecated": false,
"digest": {
"line_hashes": [
"228121149018623912617392326711849242289",
"113432072202308777836065392287654795870",
"119743442702273367510532800177642306033",
"279981068374128684635698348565874765399",
"275460976710133388522032289775268837165",
"39730019454852082639768508744908083821",
"77755948226560311026505020504972862060",
"98120290507134027469030620592636300131",
"114506406009882571223294167510938465240",
"116592679243221374120377827492918418318",
"182003132177903483248986576158635341015",
"181558829554469776409576826728851572805"
],
"threshold": 0.9
},
"id": "CVE-2018-1000613-3a37baef"
},
{
"signature_version": "v1",
"target": {
"file": "core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTPrivateKeyParameters.java"
},
"signature_type": "Line",
"source": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223",
"deprecated": false,
"digest": {
"line_hashes": [
"260808258535337420534859593858153728418",
"176727153518612167581494331046156221050",
"170411275965797319506170857906246494575",
"238124524395965669595592246618177063944",
"153765105464744392364247811377629727944",
"214859365001256719950136334449189169775",
"38903388089444900411605702542369215120",
"223234083532513567037138890745642520622",
"206956183530939346378895506425203096173",
"5372893027715315054532519305155437868",
"69068307713592695397874923581833820388",
"337863728116063297684784494111439439392",
"240082652120488184022735646413700970328",
"244115513026929131115630655010480508737",
"33985168174298843539034780120842262941",
"145528215598066981901398726858962061120",
"293752981480724691359916585113902624593",
"226643127558744427735658867322105052877",
"46957684359351158379441296531742121369",
"206038012585702199749500273558908736302",
"139546950907302729012764997609736667643",
"111923454759952950440177997718936044654",
"28865272907548654792727874939924050535",
"280763514022528270949418155475943368143",
"200791176147346642110416312180503881367",
"223234083532513567037138890745642520622",
"30339353970830538128873938407903337764",
"245159193500251544391256378646637157496",
"11610541896882226714416979050844409428",
"210209361724250474603716964282186356003",
"85028048790046198862217658301202202625",
"177861731154356467468591358035084045490"
],
"threshold": 0.9
},
"id": "CVE-2018-1000613-452c378a"
},
{
"signature_version": "v1",
"target": {
"file": "prov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/BCXMSSPrivateKey.java"
},
"signature_type": "Line",
"source": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223",
"deprecated": false,
"digest": {
"line_hashes": [
"61670809531981877170862012141275597160",
"259627115090513307289995936186153772530",
"76218590950356198363649431969182023641",
"67168934831299499856866700046470394678"
],
"threshold": 0.9
},
"id": "CVE-2018-1000613-4a7a2558"
},
{
"signature_version": "v1",
"target": {
"function": "deserialize",
"file": "core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSUtil.java"
},
"signature_type": "Function",
"source": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223",
"deprecated": false,
"digest": {
"length": 172.0,
"function_hash": "19456477545752633028221251622818964347"
},
"id": "CVE-2018-1000613-4c9c3206"
},
{
"signature_version": "v1",
"target": {
"file": "core/src/test/java/org/bouncycastle/pqc/crypto/test/XMSSMTPrivateKeyTest.java"
},
"signature_type": "Line",
"source": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223",
"deprecated": false,
"digest": {
"line_hashes": [
"41125377494222275837871747276799687855",
"61835199254813146631985946548838712470",
"302158362064387878592869676524536241366",
"248660044891211800998914070568770852330",
"331449019416426631550655659686491643286",
"193190697910389583443934124951084072461",
"286212788510477477326207581852744802869",
"60649032013475207950126260770611870811",
"105934779279294133122729479644342917892",
"166786830769226294165338787469427747843",
"241240877914044830420662897051743094664",
"286089642309564641839319809464834192712"
],
"threshold": 0.9
},
"id": "CVE-2018-1000613-5f19b732"
},
{
"signature_version": "v1",
"target": {
"file": "prov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/BCXMSSMTPrivateKey.java"
},
"signature_type": "Line",
"source": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223",
"deprecated": false,
"digest": {
"line_hashes": [
"8412954963575388027927533055480065649",
"178079790681614749234787439905060238413",
"239121702071886537514465476372719931335",
"154543228642701496741049400492941124408"
],
"threshold": 0.9
},
"id": "CVE-2018-1000613-72d092ae"
},
{
"signature_version": "v1",
"target": {
"file": "core/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSKeyPairGenerator.java"
},
"signature_type": "Line",
"source": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223",
"deprecated": false,
"digest": {
"line_hashes": [
"2833018344427856628243648612154888605",
"116363018200911795394136703826571043968",
"273645093740276185462703937017613152142",
"113485829037358620710591422125953350080",
"226661600723126748219303594931890905145",
"14233022817064155166260708009677958954",
"150444285499111050947383101346995861621",
"99305449711374557883247470528566629037",
"133219272372870221614301533642878356810",
"17446391479223233539778219856002992800",
"247844000681911718671815040811940526578",
"266250243955121902809319868046573315003",
"32701202992397974805962312629938134713",
"244119325599143224700000805085819049235",
"176530448955025839937513555131013175389",
"100513111617104617653262679829545640713",
"297283284316372957754475985115916582855",
"8902562633069448097089700699218471122"
],
"threshold": 0.9
},
"id": "CVE-2018-1000613-7aaa790e"
},
{
"signature_version": "v1",
"target": {
"function": "testPrivateKeyParsingSHA256",
"file": "core/src/test/java/org/bouncycastle/pqc/crypto/test/XMSSMTPrivateKeyTest.java"
},
"signature_type": "Function",
"source": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223",
"deprecated": false,
"digest": {
"length": 352.0,
"function_hash": "87969249621066119498033811034029559788"
},
"id": "CVE-2018-1000613-8373f9d3"
},
{
"signature_version": "v1",
"target": {
"file": "core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSUtil.java"
},
"signature_type": "Line",
"source": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223",
"deprecated": false,
"digest": {
"line_hashes": [
"230052912887228113966427927179750011923",
"287887050542612040916719368136341447317",
"37191385464895716643839494425307223307",
"183479141494837055702314141811212354811",
"136361179921224229520579812874657990653",
"26187638750278918604891762605520646766",
"70350353095832571710704905266207366482",
"172282878114023748666997502722174503010",
"202292041008979895145666775085596228014"
],
"threshold": 0.9
},
"id": "CVE-2018-1000613-8c12f6e3"
},
{
"signature_version": "v1",
"target": {
"file": "core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSPrivateKeyParameters.java"
},
"signature_type": "Line",
"source": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223",
"deprecated": false,
"digest": {
"line_hashes": [
"140423835287465713519223176211501846156",
"155701319257948483620872092424038662566",
"330643038039171088499302065190968840507",
"286069367972366590800569153144088021010",
"70152557041632875647517010047244051424",
"170732069116260628393667501687825939696",
"271952224398603712573042856882057870328",
"223234083532513567037138890745642520622",
"206956183530939346378895506425203096173",
"5372893027715315054532519305155437868",
"69068307713592695397874923581833820388",
"337863728116063297684784494111439439392",
"240082652120488184022735646413700970328",
"244115513026929131115630655010480508737",
"204487344509016101076854953261566825725",
"159486626357007639863681290418990625237",
"128383977914180318855830521879013210720",
"108399221428972533427333969657063992751",
"244662001773147553746884301596131431146",
"32237688758985284353017452343648658591",
"202753034795592500595398887729635834498",
"271355962667833480206252621651102455891",
"226643127558744427735658867322105052877"
],
"threshold": 0.9
},
"id": "CVE-2018-1000613-9184194e"
},
{
"signature_version": "v1",
"target": {
"file": "core/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowParameters.java"
},
"signature_type": "Line",
"source": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223",
"deprecated": false,
"digest": {
"line_hashes": [
"173752393978752566799764572887984855826",
"336172993706778749945911556127390561622",
"338976692609441897856665140493681136605",
"186861585271180501377041445572709124902",
"313464672610500283835082170806369701782",
"55183376176353237597370413876886843013",
"282380586800142360765406859290878489851",
"119263822948100571975380117294536339356",
"105309240861057114757715772107182612384",
"272085203043633166490157426836221395419",
"1367067517896227047750001060721773399",
"103434884949461171043344427845475961087",
"68952555090785794212493854188173879268",
"119902201881262397632209638787009572758",
"112103600939018972451375399853417933400",
"334268098639271906315771653817993166296",
"299661475627473838739806603125722652579",
"57766972797322550201370847217493726957",
"264309184884966767799979034634443020006",
"36494542382637347177586218605109579063",
"100669610968375698563723722308114209729",
"228595494739691148452737776392294732106",
"143623702597284236672824663494296292456",
"216628819176825603862908918242355201886",
"333074141710635353878506192750459148821",
"239461441853134247922655958595810298397",
"234054081913830280642274358714603147401",
"159557833274617906596588511388891333456",
"79778703990503684401044650385921608332"
],
"threshold": 0.9
},
"id": "CVE-2018-1000613-9963e4f8"
},
{
"signature_version": "v1",
"target": {
"function": "BCXMSSPrivateKey",
"file": "prov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/BCXMSSPrivateKey.java"
},
"signature_type": "Function",
"source": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223",
"deprecated": false,
"digest": {
"length": 785.0,
"function_hash": "294377225652623858920819964383752708110"
},
"id": "CVE-2018-1000613-aa916764"
},
{
"signature_version": "v1",
"target": {
"function": "RainbowParameters",
"file": "core/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowParameters.java"
},
"signature_type": "Function",
"source": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223",
"deprecated": false,
"digest": {
"length": 119.0,
"function_hash": "124020280645835625015766319279376692467"
},
"id": "CVE-2018-1000613-bc6d413f"
},
{
"signature_version": "v1",
"target": {
"function": "genKeyPair",
"file": "core/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSKeyPairGenerator.java"
},
"signature_type": "Function",
"source": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223",
"deprecated": false,
"digest": {
"length": 2684.0,
"function_hash": "109001758061308947475563124089222599383"
},
"id": "CVE-2018-1000613-cb811d26"
},
{
"signature_version": "v1",
"target": {
"function": "resolveClass",
"file": "core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSUtil.java"
},
"signature_type": "Function",
"source": "https://github.com/bcgit/bc-java/commit/cd98322b171b15b3f88c5ec871175147893c31e6",
"deprecated": false,
"digest": {
"length": 300.0,
"function_hash": "8132440936393220058096904522331279005"
},
"id": "CVE-2018-1000613-d53959ec"
},
{
"signature_version": "v1",
"target": {
"function": "BCXMSSMTPrivateKey",
"file": "prov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/BCXMSSMTPrivateKey.java"
},
"signature_type": "Function",
"source": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223",
"deprecated": false,
"digest": {
"length": 806.0,
"function_hash": "52368882895678476032056481631296331135"
},
"id": "CVE-2018-1000613-e2b301ff"
},
{
"signature_version": "v1",
"target": {
"function": "XMSSPrivateKeyParameters",
"file": "core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSPrivateKeyParameters.java"
},
"signature_type": "Function",
"source": "https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223",
"deprecated": false,
"digest": {
"length": 2538.0,
"function_hash": "32718092164948884888585297082968739299"
},
"id": "CVE-2018-1000613-ef89f412"
}
]
}