Vulnerability Database
296,746
Total vulnerabilities in the database
CVE-2024-29857
An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.
| Software | From | Fixed in |
|---|---|---|
org.bouncycastle / bcprov-jdk18on
|
- | 1.78 |
|
org.bouncycastle / bcprov-jdk15on
|
- | 1.78 |
|
org.bouncycastle / bcprov-jdk15to18
|
- | 1.78 |
|
org.bouncycastle / bcprov-jdk14
|
- | 1.78 |
|
org.bouncycastle / bctls-jdk18on
|
- | 1.78 |
|
org.bouncycastle / bctls-jdk14
|
- | 1.78 |
|
org.bouncycastle / bctls-jdk15to18
|
- | 1.78 |
|
org.bouncycastle / bcpkix-jdk18on
|
- | 1.78 |
|
org.bouncycastle / bcpkix-jdk15to18
|
- | 1.78 |
|
org.bouncycastle / bcpkix-jdk14
|
- | 1.78 |
|
org.bouncycastle / bc-fips
|
- | 1.0.2.5 |
BouncyCastle
|
- | - |
|
BouncyCastle.Cryptography
|
- | 2.3.1 |
- https://github.com/bcgit/bc-csharp/commit/56daa6eac526f165416d17f661422d60de0dfd63
- https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857
- https://github.com/bcgit/bc-java/commit/fee80dd230e7fba132d03a34f1dd1d6aae0d0281
- https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857
- https://security.netapp.com/advisory/ntap-20241206-0008/
- https://www.bouncycastle.org/latest_releases.html
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime