Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2024-29857

Опубликовано: 14 мая 2024
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 7.5

Описание

An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.

РелизСтатусПримечание
devel

needs-triage

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

focal

ignored

end of standard support, was needs-triage
jammy

needs-triage

mantic

ignored

end of life, was needs-triage
noble

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 56%
0.00337
Низкий

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2024-29857

CVSS3: 6.5
redhat
больше 1 года назад

An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.

nvd логотип

CVE-2024-29857

CVSS3: 7.5
nvd
больше 1 года назад

An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.

debian логотип

CVE-2024-29857

CVSS3: 7.5
debian
больше 1 года назад

An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castl ...

github логотип

GHSA-8xfc-gm6g-vgpv

CVSS3: 5.3
github
больше 1 года назад

Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.

fstec логотип

BDU:2024-05561

CVSS3: 5.3
fstec
почти 2 года назад

Уязвимость файлов ECCurve.java и ECCurve.cs библиотеки проверки ключа EC модуля Math средств криптографической защиты Bouncy Castle Crypto Package For Java (BC Java), Bouncy Castle Java Long Term Stable (LTS) (BC-LJA), Bouncy Castle FIPS Java API (BC-FJA) и Bouncy Castle Cryptography Library For .NET, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 56%
0.00337
Низкий

7.5 High

CVSS3