Lucene search
Veracode Vulnerability DatabaseVERACODE:46624HistoryApr 25, 2024 - 3:54 p.m.
Denial Of Service (DoS)
2024-04-2515:54:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
denial of service
bouncy castle
ed25519
Bouncy Castle is vulnerable to an infinite loop. The vulnerability is due to insufficient verification of signatures and public keys during Ed25519 verification, allowing attackers to trigger a denial of service (DoS) due to the infinite loop.
References
github.com/bcgit/bc-java/commit/9c165791b68a204678b48ec11e4e579754c2ea49
github.com/bcgit/bc-java/issues/1599
security.netapp.com/advisory/ntap-20240614-0007/
www.bouncycastle.org/latest_releases.html
www.bouncycastle.org/releasenotes.html#:~:text=exception%20processing%20eliminated.-,CVE%2D2024%2D30172,-%2D%20Crafted%20signature%20and
Related
ubuntucve
ubuntucve
CVE-2024-30172
2024-05-14 00:00:00
gitlab
gitlab
redhatcve
redhatcve
CVE-2024-30172
2024-06-19 03:20:44
cve
cve
CVE-2024-30172
2024-05-14 15:21:53
osv
osv
CGA-vxwq-f5f4-5vmj
2024-06-19 07:37:12
debiancve
debiancve
CVE-2024-30172
2024-05-14 15:21:53
github
github
cvelist
cvelist
CVE-2024-30172
2024-05-09 00:00:00
cgr
cgr
CVE-2024-30172 vulnerabilities
2024-05-19 03:07:16
nvd
nvd
CVE-2024-30172
2024-05-14 15:21:53
vulnrichment
vulnrichment
CVE-2024-30172
1976-01-01 00:00:00
wolfi
wolfi
CVE-2024-30172 vulnerabilities
2024-06-26 09:08:30
