An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.

References

github.com/bcgit/bc-java/issues/1528

ubuntu.com/security/CVE-2024-30171

www.cve.org/CVERecord?id=CVE-2024-30171

openvas 3

veracode 1

osv 10

ibm 22

debiancve 1

wolfi 1

nessus 7

ubuntucve 1

vulnrichment 1

cvelist 1

cgr 1

gitlab 2

github 1

redhatcve 1

nvd 1

cve 1

redhat 12

oracle 1

openvas

openSUSE: Security Advisory for bouncycastle (SUSE-SU-2024:1539-1)

2024-05-13 00:00:00

openSUSE: Security Advisory for bouncycastle (SUSE-SU-2024:1539-2)

2024-06-19 00:00:00

SUSE: Security Advisory (SUSE-SU-2024:1539-1)

2024-05-07 00:00:00

veracode

Observable Discrepancy

2024-04-25 15:52:49

osv

CGA-j49x-3x3f-7v84

2024-07-03 00:34:25

CGA-38cm-jrfp-jgjm

2024-06-06 12:21:49

Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")

2024-05-14 15:32:54

ibm

Security Bulletin: IBM Maximo Application Suite uses bcprov-jdk18on-1.74.jar which is vulnerable to CVE-2024-30171

2024-06-12 13:46:31

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a sensitive information exposure in Bouncy Castle Crypto Package For Java [CVE-2024-30171]

2024-08-01 16:33:09

Security Bulletin: Vulnerability in Bouncy Castle Crypto Package For Java affects IBM Process Mining CVE-2024-30171

2024-06-28 15:28:27

debiancve

CVE-2024-30171

2024-05-14 15:21:52

wolfi

CVE-2024-30171 vulnerabilities

2024-09-19 09:11:50

nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bouncycastle (SUSE-SU-2024:1539-2)

2024-06-19 00:00:00

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bouncycastle (SUSE-SU-2024:1539-1)

2024-05-08 00:00:00

RHEL 9 : Red Hat JBoss Enterprise Application Platform 8.0.3 Security update (Important) (RHSA-2024:5481)

2024-08-15 00:00:00

ubuntucve

CVE-2024-30171

2024-05-14 00:00:00

vulnrichment

CVE-2024-30171

2024-05-09 00:00:00

cvelist

CVE-2024-30171

2024-05-09 00:00:00

cgr

CVE-2024-30171 vulnerabilities

2024-05-19 03:07:16

gitlab

Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")

2024-05-14 00:00:00

Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")

2024-05-14 00:00:00

github

Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")

2024-05-14 15:32:54

redhatcve

CVE-2024-30171

2024-04-22 10:04:51

nvd

CVE-2024-30171

2024-05-14 15:21:52

cve

CVE-2024-30171

2024-05-14 15:21:52

redhat

(RHSA-2024:4173) Moderate: Red Hat build of Cryostat 3.0.0: new RHEL 8 container image security update

2024-07-08 02:19:41

(RHSA-2024:4505) Moderate: Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update (RHBQ 3.8.5.GA)

2024-07-11 12:26:39

(RHSA-2024:4326) Moderate: Red Hat build of Quarkus 3.8.5 release and security update

2024-07-08 14:10:09

oracle

Oracle Critical Patch Update Advisory - July 2024

2024-07-16 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

AI Score

6.6

Confidence

Low

JSON

Related for OSV:CVE-2024-30171