Awaiting Analysis
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Products
Bouncy Castle Java TLS API
- before 1.78
JSSE Provider
- before 1.78
Source
cve@mitre.org
Tags
CVE-2024-30171 details
Published : May 14, 2024, 3:21 p.m.
Last Modified : May 14, 2024, 4:13 p.m.
Last Modified : May 14, 2024, 4:13 p.m.
Description
An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|
References
| URL | Source |
|---|---|
| https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030171 | cve@mitre.org |
| https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030171 | cve@mitre.org |
| https://www.bouncycastle.org/latest_releases.html | cve@mitre.org |
This website uses the NVD API, but is not approved or certified by it.