Search for packages
Package details: pkg:nuget/BouncyCastle.Cryptography@2.3.1
purl pkg:nuget/BouncyCastle.Cryptography@2.3.1
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-3n8c-mcad-6ybm Bouncy Castle crafted signature and public key can be used to trigger an infinite loop An issue was discovered in Bouncy Castle Java Cryptography APIs starting in 1.73 and before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key. CVE-2024-30172
GHSA-m44j-cfrm-g8qc
VCID-gr1b-m4u1-z7a3 Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation. An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters. CVE-2024-29857
GHSA-8xfc-gm6g-vgpv
VCID-t3ap-b4c1-byfr Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack") An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing. CVE-2024-30171
GHSA-v435-xc8x-wvr9

Date Actor Action Vulnerability Source VulnerableCode Version
2025-07-31T12:37:31.913009+00:00 GHSA Importer Fixing VCID-3n8c-mcad-6ybm https://github.com/advisories/GHSA-m44j-cfrm-g8qc 37.0.0
2025-07-31T12:37:31.426451+00:00 GHSA Importer Fixing VCID-t3ap-b4c1-byfr https://github.com/advisories/GHSA-v435-xc8x-wvr9 37.0.0
2025-07-31T12:37:31.391508+00:00 GHSA Importer Fixing VCID-gr1b-m4u1-z7a3 https://github.com/advisories/GHSA-8xfc-gm6g-vgpv 37.0.0
2025-07-31T09:31:56.551426+00:00 GitLab Importer Fixing VCID-gr1b-m4u1-z7a3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/BouncyCastle.Cryptography/CVE-2024-29857.yml 37.0.0
2025-07-31T09:31:56.355868+00:00 GitLab Importer Fixing VCID-3n8c-mcad-6ybm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/BouncyCastle.Cryptography/CVE-2024-30172.yml 37.0.0
2025-07-31T09:31:55.318266+00:00 GitLab Importer Fixing VCID-t3ap-b4c1-byfr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/BouncyCastle.Cryptography/CVE-2024-30171.yml 37.0.0
2025-07-31T08:35:51.610102+00:00 GithubOSV Importer Fixing VCID-gr1b-m4u1-z7a3 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-8xfc-gm6g-vgpv/GHSA-8xfc-gm6g-vgpv.json 37.0.0
2025-07-31T08:35:46.521145+00:00 GithubOSV Importer Fixing VCID-t3ap-b4c1-byfr https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-v435-xc8x-wvr9/GHSA-v435-xc8x-wvr9.json 37.0.0
2025-07-31T08:35:29.926731+00:00 GithubOSV Importer Fixing VCID-3n8c-mcad-6ybm https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-m44j-cfrm-g8qc/GHSA-m44j-cfrm-g8qc.json 37.0.0