Assigner | mitre |
Reserved | 2024-03-24 |
Published | 2024-05-09 |
Updated | 2024-06-14 |
Description
An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.
References
https://www.bouncycastle.org/latest_releases.html
https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030171
https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030171
https://security.netapp.com/advisory/ntap-20240614-0008/