Bouncy Castle is vulnerable to Denial of Service (DoS). The vulnerability is due to improper validation of F2m parameters, allowing an attacker to craft a certificate that causes high CPU usage during the evaluation of the curve parameters.
github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857
github.com/bcgit/bc-java/commit/efc498ca4caa340ac2fe11f2efee06c1a294501f
github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857
www.bouncycastle.org/latest_releases.html
www.bouncycastle.org/releasenotes.html#:~:text=the%20following%20CVEs%3A-,CVE%2D2024%2D29857,-%2D%20Importing%20an%20EC