CVE-2024-29857
May 14, 2024, 4:13 p.m.
Tags
Product(s) Impacted
Bouncy Castle Java (BC Java)
- before 1.78
- BC Java LTS before 2.73.6
BC-FJA
- before 1.0.2.5
BC C# .Net
- before 2.3.1
Description
An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.
Weaknesses
Date
Published: May 14, 2024, 3:17 p.m.
Last Modified: May 14, 2024, 4:13 p.m.
Status : Awaiting Analysis
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
More infoSource
cve@mitre.org