VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-8kgr-r3r4-aaak

Essentials
Severities (114)
References (27)
Severity details (25)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-8kgr-r3r4-aaak
Aliases	CVE-2024-30171 GHSA-v435-xc8x-wvr9
Summary	An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (4)

CWE-208	Observable Timing Discrepancy
CWE-203	Observable Discrepancy
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
cvssv3.1	5.3	https://access.redhat.com/errata/RHSA-2024:5143
ssvc	Track	https://access.redhat.com/errata/RHSA-2024:5143
cvssv3.1	5.3	https://access.redhat.com/errata/RHSA-2024:5144
ssvc	Track	https://access.redhat.com/errata/RHSA-2024:5144
cvssv3.1	5.3	https://access.redhat.com/errata/RHSA-2024:5145
ssvc	Track	https://access.redhat.com/errata/RHSA-2024:5145
cvssv3.1	5.3	https://access.redhat.com/errata/RHSA-2024:5147
ssvc	Track	https://access.redhat.com/errata/RHSA-2024:5147
cvssv3	5.9	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30171.json
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00044	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.0005	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00054	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00054	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00081	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00081	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00081	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00081	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00081	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00081	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00081	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00084	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00084	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00084	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
epss	0.00159	https://api.first.org/data/v1/epss?cve=CVE-2024-30171
cvssv3.1	5.3	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-v435-xc8x-wvr9
cvssv3.1	5.9	https://github.com/bcgit/bc-csharp/commit/c984b8bfd8544dfc55dba91a02cbbbb9c580c217
generic_textual	MODERATE	https://github.com/bcgit/bc-csharp/commit/c984b8bfd8544dfc55dba91a02cbbbb9c580c217
cvssv3.1	5.9	https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030171
generic_textual	MODERATE	https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030171
cvssv3.1	5.9	https://github.com/bcgit/bc-java/commit/d7d5e735abd64bf0f413f54fd9e495fc02400fb0
generic_textual	MODERATE	https://github.com/bcgit/bc-java/commit/d7d5e735abd64bf0f413f54fd9e495fc02400fb0
cvssv3.1	5.9	https://github.com/bcgit/bc-java/commit/e0569dcb1dea9d421d84fc4c5c5688fe101afa2d
generic_textual	MODERATE	https://github.com/bcgit/bc-java/commit/e0569dcb1dea9d421d84fc4c5c5688fe101afa2d
cvssv3.1	5.9	https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030171
generic_textual	MODERATE	https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030171
cvssv3.1	5.9	https://security.netapp.com/advisory/ntap-20240614-0008
generic_textual	MODERATE	https://security.netapp.com/advisory/ntap-20240614-0008
cvssv3.1	5.3	https://www.bouncycastle.org/latest_releases.html
generic_textual	LOW	https://www.bouncycastle.org/latest_releases.html

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30171.json
		https://api.first.org/data/v1/epss?cve=CVE-2024-30171
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30171
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://github.com/bcgit/bc-csharp/commit/c984b8bfd8544dfc55dba91a02cbbbb9c580c217
		https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030171
		https://github.com/bcgit/bc-java/commit/d7d5e735abd64bf0f413f54fd9e495fc02400fb0
		https://github.com/bcgit/bc-java/commit/e0569dcb1dea9d421d84fc4c5c5688fe101afa2d
		https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030171
		https://security.netapp.com/advisory/ntap-20240614-0008
		https://security.netapp.com/advisory/ntap-20240614-0008/
		https://www.bouncycastle.org/latest_releases.html
1070655		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655
2276360		https://bugzilla.redhat.com/show_bug.cgi?id=2276360
CVE-2024-30171		https://nvd.nist.gov/vuln/detail/CVE-2024-30171
GHSA-v435-xc8x-wvr9		https://github.com/advisories/GHSA-v435-xc8x-wvr9
RHSA-2024:4173		https://access.redhat.com/errata/RHSA-2024:4173
RHSA-2024:4271		https://access.redhat.com/errata/RHSA-2024:4271
RHSA-2024:4326		https://access.redhat.com/errata/RHSA-2024:4326
RHSA-2024:4505		https://access.redhat.com/errata/RHSA-2024:4505
RHSA-2024:5143		https://access.redhat.com/errata/RHSA-2024:5143
RHSA-2024:5144		https://access.redhat.com/errata/RHSA-2024:5144
RHSA-2024:5145		https://access.redhat.com/errata/RHSA-2024:5145
RHSA-2024:5147		https://access.redhat.com/errata/RHSA-2024:5147
RHSA-2024:5479		https://access.redhat.com/errata/RHSA-2024:5479
RHSA-2024:5481		https://access.redhat.com/errata/RHSA-2024:5481
RHSA-2024:5482		https://access.redhat.com/errata/RHSA-2024:5482

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2024:5143

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:00:49Z/ Found at https://access.redhat.com/errata/RHSA-2024:5143

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2024:5144

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:00:49Z/ Found at https://access.redhat.com/errata/RHSA-2024:5144

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2024:5145

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:00:49Z/ Found at https://access.redhat.com/errata/RHSA-2024:5145

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/errata/RHSA-2024:5147

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:00:49Z/ Found at https://access.redhat.com/errata/RHSA-2024:5147

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30171.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/bcgit/bc-csharp/commit/c984b8bfd8544dfc55dba91a02cbbbb9c580c217

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030171

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/bcgit/bc-java/commit/d7d5e735abd64bf0f413f54fd9e495fc02400fb0

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/bcgit/bc-java/commit/e0569dcb1dea9d421d84fc4c5c5688fe101afa2d

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030171

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://security.netapp.com/advisory/ntap-20240614-0008

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://www.bouncycastle.org/latest_releases.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.13021
EPSS Score	0.00044
Published At	June 11, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2024-04-23T22:42:23.819690+00:00	SUSE Severity Score Importer	Import	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml	34.0.0rc4