Security Advisories

CVE-2024-30172

Published

Last updated

https://nvd.nist.gov/vuln/detail/CVE-2024-30172

Severity

5.3

Medium

CVSS V3

Summary

Bouncy Castle crafted signature and public key can be used to trigger an infinite loop

Description

An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key.

References

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Media Kit Contact Us

Private Policy

CVE-2024-30172

Severity

Summary

Description

References

Affected packages

Product

Why Chainguard

Why Chainguard

Customers

Customers

Company

Company

Resources

Resources