CVE-2024-30171 | THREATINT

Description

An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.

PUBLISHED Reserved 2024-03-24 | Published 2024-05-09 | Updated 2024-08-19 | Assigner mitre

References

www.bouncycastle.org/latest_releases.html

github.com/bcgit/bc-java/wiki/CVE‐2024‐30171

github.com/bcgit/bc-csharp/wiki/CVE‐2024‐30171

security.netapp.com/advisory/ntap-20240614-0008/

cve.org (CVE-2024-30171)

nvd.nist.gov (CVE-2024-30171)

Download JSON