CVE-2024-30172
published 2024-05-14CVE-2024-30172: An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| atlassian | bitbucket_data_center | — | — |
| debian | bouncycastle | < bouncycastle 1.80-1 (forky) | bouncycastle 1.80-1 (forky) |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH