Vulnerability Change Records for CVE-2020-26939

Change History

Initial Analysis 11/17/2020 2:32:51 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:*:*:*:*:*:*:*:* versions up to (excluding) 1.55
     *cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-fips-java-api:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.1.2
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
NIST (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Added CWE

								
							
							
						
NIST CWE-203
Changed Reference Type
https://github.com/bcgit/bc-java/commit/930f8b274c4f1f3a46e68b5441f1e7fadb57e8c1 No Types Assigned
https://github.com/bcgit/bc-java/commit/930f8b274c4f1f3a46e68b5441f1e7fadb57e8c1 Patch, Third Party Advisory
Changed Reference Type
https://github.com/bcgit/bc-java/wiki/CVE-2020-26939 No Types Assigned
https://github.com/bcgit/bc-java/wiki/CVE-2020-26939 Patch, Third Party Advisory
Changed Reference Type
https://lists.debian.org/debian-lts-announce/2020/11/msg00007.html No Types Assigned
https://lists.debian.org/debian-lts-announce/2020/11/msg00007.html Mailing List, Third Party Advisory

CVE Modified by MITRE 12/02/2020 7:15:11 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://security.netapp.com/advisory/ntap-20201202-0005/ [No Types Assigned]

Modified Analysis 12/23/2020 10:43:02 AM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:*:*:*:*:*:*:*:* versions up to (excluding) 1.55
     *cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-fips-java-api:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.1.2
OR
     *cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:*:*:*:*:*:*:*:* versions up to (excluding) 1.61
     *cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-fips-java-api:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.1.2
Removed CPE Configuration
OR
     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

								
						

CVE Modified by MITRE 11/05/2020 8:15:12 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.debian.org/debian-lts-announce/2020/11/msg00007.html [No Types Assigned]