rpm package
suse/bouncycastle&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
pkg:rpm/suse/bouncycastle&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-30171 | Med | 5.9 | < 1.78.1-150200.3.29.1 | 1.78.1-150200.3.29.1 | May 14, 2024 | An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing. | |
| CVE-2023-48795 | Med | 5.9 | < 1.77-150200.3.24.1 | 1.77-150200.3.24.1 | Dec 18, 2023 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end |
- affected < 1.78.1-150200.3.29.1fixed 1.78.1-150200.3.29.1
An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.
- affected < 1.77-150200.3.24.1fixed 1.77-150200.3.24.1
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end