ruby3.3-bouncy-castle-java
1.5.0146.1-r1
5.9
CVSS V3
Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")
An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.