Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/eap8-jboss-openjdk-orb@10.1.0-1.Final_redhat_00001.1?arch=el9eap
Typerpm
Namespaceredhat
Nameeap8-jboss-openjdk-orb
Version10.1.0-1.Final_redhat_00001.1
Qualifiers
arch el9eap
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-98ws-cchw-a3fe
vulnerability_id VCID-98ws-cchw-a3fe
summary 
Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.
An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29857.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29857.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-29857
reference_id
reference_type
scores
0
value 0.00252
scoring_system epss
scoring_elements 0.48729
published_at 2026-06-09T12:55:00Z
1
value 0.00252
scoring_system epss
scoring_elements 0.48752
published_at 2026-06-05T12:55:00Z
2
value 0.00252
scoring_system epss
scoring_elements 0.48713
published_at 2026-06-08T12:55:00Z
3
value 0.00252
scoring_system epss
scoring_elements 0.4876
published_at 2026-06-06T12:55:00Z
4
value 0.00252
scoring_system epss
scoring_elements 0.48742
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-29857
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29857
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29857
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/bcgit/bc-csharp/commit/56daa6eac526f165416d17f661422d60de0dfd63
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-csharp/commit/56daa6eac526f165416d17f661422d60de0dfd63
5
reference_url https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T19:32:50Z/
url https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857
6
reference_url https://github.com/bcgit/bc-java/commit/efc498ca4caa340ac2fe11f2efee06c1a294501f
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/efc498ca4caa340ac2fe11f2efee06c1a294501f
7
reference_url https://github.com/bcgit/bc-java/commit/fee80dd230e7fba132d03a34f1dd1d6aae0d0281
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/fee80dd230e7fba132d03a34f1dd1d6aae0d0281
8
reference_url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T19:32:50Z/
url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857
9
reference_url https://security.netapp.com/advisory/ntap-20241206-0008
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20241206-0008
10
reference_url https://www.bouncycastle.org/latest_releases.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T19:32:50Z/
url https://www.bouncycastle.org/latest_releases.html
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655
reference_id 1070655
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2293028
reference_id 2293028
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2293028
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-29857
reference_id CVE-2024-29857
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-29857
14
reference_url https://github.com/advisories/GHSA-8xfc-gm6g-vgpv
reference_id GHSA-8xfc-gm6g-vgpv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8xfc-gm6g-vgpv
15
reference_url https://access.redhat.com/errata/RHSA-2024:4271
reference_id RHSA-2024:4271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4271
16
reference_url https://access.redhat.com/errata/RHSA-2024:4326
reference_id RHSA-2024:4326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4326
17
reference_url https://access.redhat.com/errata/RHSA-2024:4505
reference_id RHSA-2024:4505
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4505
18
reference_url https://access.redhat.com/errata/RHSA-2024:5479
reference_id RHSA-2024:5479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5479
19
reference_url https://access.redhat.com/errata/RHSA-2024:5481
reference_id RHSA-2024:5481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5481
20
reference_url https://access.redhat.com/errata/RHSA-2024:5482
reference_id RHSA-2024:5482
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5482
21
reference_url https://usn.ubuntu.com/8108-1/
reference_id USN-8108-1
reference_type
scores
url https://usn.ubuntu.com/8108-1/
fixed_packages
aliases CVE-2024-29857, GHSA-8xfc-gm6g-vgpv
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-98ws-cchw-a3fe
1
url VCID-addw-cfsb-6uhy
vulnerability_id VCID-addw-cfsb-6uhy
summary 
Netty's HttpPostRequestDecoder can OOM
The `HttpPostRequestDecoder` can be tricked to accumulate data. I have spotted currently two attack vectors
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29025.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29025.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-29025
reference_id
reference_type
scores
0
value 0.00343
scoring_system epss
scoring_elements 0.57216
published_at 2026-06-09T12:55:00Z
1
value 0.00343
scoring_system epss
scoring_elements 0.57199
published_at 2026-06-08T12:55:00Z
2
value 0.00343
scoring_system epss
scoring_elements 0.57213
published_at 2026-06-07T12:55:00Z
3
value 0.00343
scoring_system epss
scoring_elements 0.57225
published_at 2026-06-06T12:55:00Z
4
value 0.00343
scoring_system epss
scoring_elements 0.57217
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-29025
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29025
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29025
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T15:54:48Z/
url https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3
5
reference_url https://github.com/netty/netty
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/netty/netty
6
reference_url https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T15:54:48Z/
url https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c
7
reference_url https://github.com/vietj/netty/tree/post-request-decoder
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/vietj/netty/tree/post-request-decoder
8
reference_url https://lists.debian.org/debian-lts-announce/2024/06/msg00015.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T15:54:48Z/
url https://lists.debian.org/debian-lts-announce/2024/06/msg00015.html
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068110
reference_id 1068110
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068110
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2272907
reference_id 2272907
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2272907
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-29025
reference_id CVE-2024-29025
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-29025
12
reference_url https://github.com/advisories/GHSA-5jpm-x58v-624v
reference_id GHSA-5jpm-x58v-624v
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5jpm-x58v-624v
13
reference_url https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v
reference_id GHSA-5jpm-x58v-624v
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T15:54:48Z/
url https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v
14
reference_url https://access.redhat.com/errata/RHSA-2024:3550
reference_id RHSA-2024:3550
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3550
15
reference_url https://access.redhat.com/errata/RHSA-2024:4460
reference_id RHSA-2024:4460
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4460
16
reference_url https://access.redhat.com/errata/RHSA-2024:5479
reference_id RHSA-2024:5479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5479
17
reference_url https://access.redhat.com/errata/RHSA-2024:5481
reference_id RHSA-2024:5481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5481
18
reference_url https://access.redhat.com/errata/RHSA-2024:5482
reference_id RHSA-2024:5482
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5482
19
reference_url https://access.redhat.com/errata/RHSA-2024:6657
reference_id RHSA-2024:6657
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6657
20
reference_url https://usn.ubuntu.com/7284-1/
reference_id USN-7284-1
reference_type
scores
url https://usn.ubuntu.com/7284-1/
fixed_packages
aliases CVE-2024-29025, GHSA-5jpm-x58v-624v
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-addw-cfsb-6uhy
2
url VCID-f47r-4t52-3bgq
vulnerability_id VCID-f47r-4t52-3bgq
summary 
This advisory has been marked as False-Positive and removed
An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30172.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30172.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-30172
reference_id
reference_type
scores
0
value 0.00091
scoring_system epss
scoring_elements 0.25709
published_at 2026-06-07T12:55:00Z
1
value 0.00091
scoring_system epss
scoring_elements 0.25656
published_at 2026-06-09T12:55:00Z
2
value 0.00091
scoring_system epss
scoring_elements 0.2565
published_at 2026-06-08T12:55:00Z
3
value 0.00091
scoring_system epss
scoring_elements 0.25766
published_at 2026-06-05T12:55:00Z
4
value 0.00091
scoring_system epss
scoring_elements 0.25757
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-30172
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30172
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30172
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030172
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030172
5
reference_url https://github.com/bcgit/bc-java/commit/1b9fd9b545e691bfb3941a9f6a797660c8860f02
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/1b9fd9b545e691bfb3941a9f6a797660c8860f02
6
reference_url https://github.com/bcgit/bc-java/commit/9c165791b68a204678b48ec11e4e579754c2ea49
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/9c165791b68a204678b48ec11e4e579754c2ea49
7
reference_url https://github.com/bcgit/bc-java/commit/ebe1c75579170072dc59b8dee2b55ce31663178f
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/ebe1c75579170072dc59b8dee2b55ce31663178f
8
reference_url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030172
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030172
9
reference_url https://security.netapp.com/advisory/ntap-20240614-0007
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240614-0007
10
reference_url https://www.bouncycastle.org/latest_releases.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-05T13:44:28Z/
url https://www.bouncycastle.org/latest_releases.html
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655
reference_id 1070655
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2293025
reference_id 2293025
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2293025
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-30172
reference_id CVE-2024-30172
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-30172
14
reference_url https://github.com/advisories/GHSA-m44j-cfrm-g8qc
reference_id GHSA-m44j-cfrm-g8qc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m44j-cfrm-g8qc
15
reference_url https://security.netapp.com/advisory/ntap-20240614-0007/
reference_id ntap-20240614-0007
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-05T13:44:28Z/
url https://security.netapp.com/advisory/ntap-20240614-0007/
16
reference_url https://access.redhat.com/errata/RHSA-2024:4271
reference_id RHSA-2024:4271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4271
17
reference_url https://access.redhat.com/errata/RHSA-2024:4326
reference_id RHSA-2024:4326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4326
18
reference_url https://access.redhat.com/errata/RHSA-2024:4505
reference_id RHSA-2024:4505
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4505
19
reference_url https://access.redhat.com/errata/RHSA-2024:5479
reference_id RHSA-2024:5479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5479
20
reference_url https://access.redhat.com/errata/RHSA-2024:5481
reference_id RHSA-2024:5481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5481
21
reference_url https://access.redhat.com/errata/RHSA-2024:5482
reference_id RHSA-2024:5482
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5482
22
reference_url https://usn.ubuntu.com/8108-1/
reference_id USN-8108-1
reference_type
scores
url https://usn.ubuntu.com/8108-1/
fixed_packages
aliases CVE-2024-30172, GHSA-m44j-cfrm-g8qc
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f47r-4t52-3bgq
3
url VCID-fdgv-77kb-ybat
vulnerability_id VCID-fdgv-77kb-ybat
summary 
This advisory has been marked as False-Positive and removed
An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30171.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30171.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-30171
reference_id
reference_type
scores
0
value 0.00139
scoring_system epss
scoring_elements 0.33695
published_at 2026-06-05T12:55:00Z
1
value 0.00139
scoring_system epss
scoring_elements 0.33665
published_at 2026-06-09T12:55:00Z
2
value 0.00139
scoring_system epss
scoring_elements 0.33675
published_at 2026-06-07T12:55:00Z
3
value 0.00139
scoring_system epss
scoring_elements 0.33709
published_at 2026-06-06T12:55:00Z
4
value 0.00139
scoring_system epss
scoring_elements 0.3364
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-30171
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30171
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30171
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/bcgit/bc-csharp/commit/c984b8bfd8544dfc55dba91a02cbbbb9c580c217
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-csharp/commit/c984b8bfd8544dfc55dba91a02cbbbb9c580c217
5
reference_url https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030171
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:18:15Z/
url https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030171
6
reference_url https://github.com/bcgit/bc-java/commit/d7d5e735abd64bf0f413f54fd9e495fc02400fb0
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/d7d5e735abd64bf0f413f54fd9e495fc02400fb0
7
reference_url https://github.com/bcgit/bc-java/commit/e0569dcb1dea9d421d84fc4c5c5688fe101afa2d
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/e0569dcb1dea9d421d84fc4c5c5688fe101afa2d
8
reference_url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030171
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:18:15Z/
url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030171
9
reference_url https://security.netapp.com/advisory/ntap-20240614-0008
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240614-0008
10
reference_url https://www.bouncycastle.org/latest_releases.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:18:15Z/
url https://www.bouncycastle.org/latest_releases.html
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655
reference_id 1070655
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2276360
reference_id 2276360
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2276360
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-30171
reference_id CVE-2024-30171
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-30171
14
reference_url https://github.com/advisories/GHSA-v435-xc8x-wvr9
reference_id GHSA-v435-xc8x-wvr9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v435-xc8x-wvr9
15
reference_url https://security.netapp.com/advisory/ntap-20240614-0008/
reference_id ntap-20240614-0008
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:18:15Z/
url https://security.netapp.com/advisory/ntap-20240614-0008/
16
reference_url https://access.redhat.com/errata/RHSA-2024:4173
reference_id RHSA-2024:4173
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4173
17
reference_url https://access.redhat.com/errata/RHSA-2024:4271
reference_id RHSA-2024:4271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4271
18
reference_url https://access.redhat.com/errata/RHSA-2024:4326
reference_id RHSA-2024:4326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4326
19
reference_url https://access.redhat.com/errata/RHSA-2024:4505
reference_id RHSA-2024:4505
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4505
20
reference_url https://access.redhat.com/errata/RHSA-2024:5479
reference_id RHSA-2024:5479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5479
21
reference_url https://access.redhat.com/errata/RHSA-2024:5481
reference_id RHSA-2024:5481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5481
22
reference_url https://access.redhat.com/errata/RHSA-2024:5482
reference_id RHSA-2024:5482
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5482
23
reference_url https://usn.ubuntu.com/8108-1/
reference_id USN-8108-1
reference_type
scores
url https://usn.ubuntu.com/8108-1/
fixed_packages
aliases CVE-2024-30171, GHSA-v435-xc8x-wvr9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fdgv-77kb-ybat
Fixing_vulnerabilities
Risk_score3.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap8-jboss-openjdk-orb@10.1.0-1.Final_redhat_00001.1%3Farch=el9eap