High severity 7.5 · GHSA Advisory · Published May 3, 2024 · Updated Apr 15, 2026
CVE-2024-34447
Description
An issue was discovered in the Bouncy Castle Crypto Package For Java before BC TLS Java 1.0.19 (ships with BC Java 1.78, BC Java (LTS) 2.73.6) and before BC FIPS TLS Java 1.0.19. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname (as happens with HttpsURLConnection), hostname verification could be performed against a DNS-resolved IP address in some situations, opening up a possibility of DNS poisoning.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| org.bouncycastle:bcprov-jdk18on (Maven) | >= 1.61, < 1.78 | 1.78 |
| org.bouncycastle:bcprov-jdk15to18 (Maven) | >= 1.61, < 1.78 | 1.78 |
| org.bouncycastle:bcprov-jdk14 (Maven) | >= 1.61, < 1.78 | 1.78 |
| org.bouncycastle:bcprov-jdk12 (Maven) | >= 1.61, < 1.78 | 1.78 |
| org.bouncycastle:bctls-fips (Maven) | < 1.0.19 | 1.0.19 |
| org.bouncycastle:bcprov-lts8on (Maven) | < 2.73.6 | 2.73.6 |
| org.bouncycastle:bcprov-jdk15on (Maven) | >= 1.61, < 1.78 | 1.78 |
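A dependency check built from the table above, as an added example that is not part of the advisory or of Bouncy Castle's own tooling: it flags `org.bouncycastle` artifacts whose version falls in a listed affected range. The input is assumed to be `mvn dependency:list` output, and the sample lines are constructed.

```python
import re

# Affected ranges copied from the advisory table: artifact -> (min_inclusive, first_patched).
AFFECTED = {
    "bcprov-jdk18on": ("1.61", "1.78"),
    "bcprov-jdk15to18": ("1.61", "1.78"),
    "bcprov-jdk14": ("1.61", "1.78"),
    "bcprov-jdk12": ("1.61", "1.78"),
    "bcprov-jdk15on": ("1.61", "1.78"),
    "bctls-fips": (None, "1.0.19"),
    "bcprov-lts8on": (None, "2.73.6"),
}

def parse_coord(line):
    """Return (artifact, version) from a group:artifact:type[:classifier]:version:scope line."""
    m = re.search(r"org\.bouncycastle:\S+", line)
    parts = m.group(0).split(":") if m else []
    return (parts[1], parts[-2]) if len(parts) >= 5 else None

def version_key(version):
    """Numeric tuple for comparison; qualifiers such as -SNAPSHOT are ignored."""
    m = re.match(r"\d+(?:\.\d+)*", version)
    nums = [int(p) for p in m.group(0).split(".")] if m else [0]
    return tuple(nums + [0] * (4 - len(nums)))

def is_affected(artifact, version):
    if artifact not in AFFECTED:
        return False
    low, fixed = AFFECTED[artifact]
    v = version_key(version)
    if low is not None and v < version_key(low):
        return False  # older than the first affected release in the table
    return v < version_key(fixed)

def scan(lines):
    """Return (artifact, found_version, patched_version) for each affected dependency."""
    coords = filter(None, map(parse_coord, lines))
    return [(a, v, AFFECTED[a][1]) for a, v in coords if is_affected(a, v)]

# Constructed sample input in the format printed by `mvn dependency:list`.
SAMPLE = """\
[INFO]    org.bouncycastle:bcprov-jdk18on:jar:1.77:compile
[INFO]    org.bouncycastle:bcprov-jdk15on:jar:1.60:runtime
[INFO]    org.bouncycastle:bctls-fips:jar:1.0.18:compile
[INFO]    org.bouncycastle:bcprov-lts8on:jar:2.73.6:compile
[INFO]    com.example:app-core:jar:1.0.0:compile
""".splitlines()

if __name__ == "__main__":
    for artifact, found, fixed in scan(SAMPLE):
        print(f"{artifact} {found} is affected by CVE-2024-34447; upgrade to {fixed}")
```

Artifacts that are not in the table are never flagged, so a clean result only covers the Maven coordinates this advisory lists.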