CVE-2024-30171 | BouncyCastle up to 1.77 Cryptography API Marvin Attack timing discrepancy

Posted by Angelo Barbosa | Apr 24, 2024 | CVE

A vulnerability was found in BouncyCastle up to 1.77 and classified as problematic. Affected by this issue is some unknown functionality of the component Cryptography API. The manipulation leads to observable timing discrepancy.

This vulnerability is handled as CVE-2024-30171. The attack can only be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-30171 | BouncyCastle up to 1.77 Cryptography API Marvin Attack timing discrepancy

Related Posts

VDB-269941 | Google Cloud Storage XML API/Cloud IAM HMAC Key unknown vulnerability

CVE-2024-0649 | ZhiHuiYun up to 4.4.13 Search ImageController.php download_network_image url server-side request forgery

CVE-2023-7249 | OpenText Directory Services up to 24.0 path traversal (KB0807814)

CVE-2024-7691 | Flaming Forms Plugin up to 1.0.1 on WordPress cross site scripting