CVE-2018-9426

Name of the Vulnerable Software and Affected Versions RSAKeyPairGenerator (affected versions not specified)

Description An incorrect implementation in RsaKeyPairGenerator::getNumberOfIterations of RSAKeyPairGenerator.java could cause the generation of weak RSA key pairs. This could lead to a crypto vulnerability with no additional execution privileges needed. User interaction is not needed for exploitation. The fix is designed to correctly implement the key generation according to the FIPS standard.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.