CVE-2015-7940

The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack."

Published: 2015-11-09 Last update: 2026-05-06 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2015-7940 is rated Moderate Risk (46.7/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 1.02%). Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2015-7940

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2025-10-18 1.12% 1.02% -0.11%
2 2025-06-27 0.75% 1.12% +0.38%
3 2025-04-22 0.75%

Full EPSS history (11 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2015-7940

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
5.0 2.0 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:N)
No integrity impact.
Availability impact (A:N)
No availability impact.
 10.0 2.9 [email protected]

Weakness enumeration for CVE-2015-7940

GitHub Security Advisory for CVE-2015-7940

GHSA-4mv7-cq75-3qjm · Severity: medium · Ecosystem: maven — Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15

OS Trackers for CVE-2015-7940

vendor priority summary link
debian not yet assigned CVE-2015-7940 not yet assigned priority: Debian including 1 source packages (bouncycastle), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5. https://security-tracker.debian.org/tracker/CVE-2015-7940
redhat medium https://access.redhat.com/security/cve/CVE-2015-7940
suse high CVE-2015-7940 severity important: SUSE including 26 source package names (bouncycastle-1.54-1.2, bouncycastle-1.64-1.63, …), 28 product×package rows across 8 product lines (SUSE Linux Enterprise Module for Development Tools 15 SP2, SUSE Linux Enterprise Module for Development Tools 15 SP3, … (8 product lines)): Fixed 28. https://www.suse.com/security/cve/CVE-2015-7940/
ubuntu low CVE-2015-7940 low priority: Ubuntu including 1 source packages (bouncycastle), 10 status rows across 10 suites (artful, bionic, precise, trusty, upstream, vivid, wily, xenial, yakkety, zesty): ignored 5, not-affected 3, released 2. https://ubuntu.com/security/CVE-2015-7940

Affected software / configurations for CVE-2015-7940

Vendor Product Version Raw CPE
opensuse leap 42.1 cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
opensuse opensuse 13.1 cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
opensuse opensuse 13.2 cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
bouncycastle bouncy_castle_crypto_package <= 1.50 cpe:2.3:a:bouncycastle:bouncy_castle_crypto_package:*:*:*:*:*:*:*:*
oracle application_testing_suite 12.5.0.1 cpe:2.3:a:oracle:application_testing_suite:12.5.0.1:*:*:*:*:*:*:*
oracle application_testing_suite 12.5.0.2 cpe:2.3:a:oracle:application_testing_suite:12.5.0.2:*:*:*:*:*:*:*
oracle application_testing_suite 12.5.0.3 cpe:2.3:a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:*
oracle enterprise_manager_ops_center 12.1.4 cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*
oracle enterprise_manager_ops_center 12.2.2 cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
oracle peoplesoft_enterprise_peopletools 8.54 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.54:*:*:*:*:*:*:*
oracle peoplesoft_enterprise_peopletools 8.55 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*
oracle virtual_desktop_infrastructure 3.5.2 cpe:2.3:a:oracle:virtual_desktop_infrastructure:3.5.2:*:*:*:*:*:*:*

References for CVE-2015-7940

URL Tags
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174915.html
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00012.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2035.html
http://rhn.redhat.com/errata/RHSA-2016-2036.html
http://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html Technical Description
http://www.debian.org/security/2015/dsa-3417
http://www.openwall.com/lists/oss-security/2015/10/22/7 Third Party Advisory VDB Entry
http://www.openwall.com/lists/oss-security/2015/10/22/9 Third Party Advisory VDB Entry
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.securityfocus.com/bid/79091
http://www.securitytracker.com/id/1037036
http://www.securitytracker.com/id/1037046
http://www.securitytracker.com/id/1037053
https://usn.ubuntu.com/3727-1/
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
cvelogic Threat Intelligence