CVE-2011-2487: Use of a Broken or Risky Cryptographic Algorithm

March 11, 2020 (updated March 18, 2020)

The implementations of PKCS#1 key transport mechanism for XMLEncryption Apache WSS4J is susceptible to a Bleichenbacher attack.

References

www.securityfocus.com/bid/57549
bugzilla.redhat.com/show_bug.cgi?id=713539
exchange.xforce.ibmcloud.com/vulnerabilities/81737
nvd.nist.gov/vuln/detail/CVE-2011-2487

Detect and mitigate CVE-2011-2487 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →