CVE-2024-30171 Information

Description

An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.

Reference

https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030171 https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030171 https://www.bouncycastle.org/latest_releases.html