Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2024-30171

Опубликовано: 14 мая 2024
Источник: debian
EPSS Низкий

Описание

An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
bouncycastlefixed1.80-1package
bouncycastleno-dsabookwormpackage
bouncycastleno-dsabullseyepackage
bouncycastlepostponedbusterpackage

Примечания

  • https://github.com/bcgit/bc-java/issues/1528

  • https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030171

  • https://github.com/bcgit/bc-java/commit/d7d5e735abd64bf0f413f54fd9e495fc02400fb0 (r1rv78v1)

  • https://github.com/bcgit/bc-java/commit/e0569dcb1dea9d421d84fc4c5c5688fe101afa2d (r1rv77)

EPSS

Процентиль: 28%
0.001
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2024-30171

CVSS3: 5.9
ubuntu
больше 1 года назад

An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.

redhat логотип

CVE-2024-30171

CVSS3: 5.9
redhat
почти 2 года назад

An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.

nvd логотип

CVE-2024-30171

CVSS3: 5.9
nvd
больше 1 года назад

An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.

suse-cvrf логотип

SUSE-SU-2024:1539-2

suse-cvrf
больше 1 года назад

Security update for bouncycastle

suse-cvrf логотип

SUSE-SU-2024:1539-1

suse-cvrf
почти 2 года назад

Security update for bouncycastle

EPSS

Процентиль: 28%
0.001
Низкий