CVE-2024-30171

2024-05-1415:21:52

Debian Security Bug Tracker

security-tracker.debian.org

cve-2024-30171

unix

security issue

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.7%

JSON

An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.

OSVersionArchitecturePackageVersionFilename
Debian12allbouncycastle<= 1.72-2bouncycastle_1.72-2_all.deb
Debian11allbouncycastle<= 1.68-2bouncycastle_1.68-2_all.deb
Debian999allbouncycastle<= 1.77-1bouncycastle_1.77-1_all.deb
Debian13allbouncycastle<= 1.77-1bouncycastle_1.77-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	bouncycastle	<= 1.72-2	bouncycastle_1.72-2_all.deb
Debian	11	all	bouncycastle	<= 1.68-2	bouncycastle_1.68-2_all.deb
Debian	999	all	bouncycastle	<= 1.77-1	bouncycastle_1.77-1_all.deb
Debian	13	all	bouncycastle	<= 1.77-1	bouncycastle_1.77-1_all.deb