Lucene search
Veracode Vulnerability DatabaseVERACODE:46622HistoryApr 25, 2024 - 3:51 p.m.
Denial Of Service (DoS)
2024-04-2515:51:36
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
denial of service
f2m parameters
cpu usage
Bouncy Castle is vulnerable to Denial of Service (DoS). The vulnerability is due to improper validation of F2m parameters, allowing an attacker to craft a certificate that causes high CPU usage during the evaluation of the curve parameters.
References
github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857
github.com/bcgit/bc-java/commit/efc498ca4caa340ac2fe11f2efee06c1a294501f
github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857
www.bouncycastle.org/latest_releases.html
www.bouncycastle.org/releasenotes.html#:~:text=the%20following%20CVEs%3A-,CVE%2D2024%2D29857,-%2D%20Importing%20an%20EC
Related
nvd
nvd
CVE-2024-29857
2024-05-14 15:17:02
cve
cve
CVE-2024-29857
2024-05-14 15:17:02
debiancve
debiancve
CVE-2024-29857
2024-05-14 15:17:02
cgr
cgr
CVE-2024-29857 vulnerabilities
2024-05-19 03:07:16
ubuntucve
ubuntucve
CVE-2024-29857
2024-05-14 00:00:00
gitlab
gitlab
github
github
osv
osv
Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.
2024-05-14 15:32:54
CGA-p93x-49fc-v5m3
2024-06-19 07:36:00
wolfi
wolfi
CVE-2024-29857 vulnerabilities
2024-06-26 09:08:30
cvelist
cvelist
CVE-2024-29857
1976-01-01 00:00:00
redhatcve
redhatcve
CVE-2024-29857
2024-06-19 03:52:08
nessus
nessus
