CVE-2024-30171: Tls Tlsrsakeyexchange Cs Cwe 000 Cve 2024 30171

BouncyCastle DecryptPreMasterSecret is vulnerable to a timing side-channel (Marvin Attack, CVE-2024-30171)

Provally CuratedPublic repositoryMediumMedium confidenceVerifiedApache-2.0

C#^β

greprules fetch cve-2024-30171-tls-tlsrsakeyexchange-cs-cwe-000-cve-2024-30171 --engine opengrep

Description

BouncyCastle DecryptPreMasterSecret is vulnerable to a timing side-channel (Marvin Attack, CVE-2024-30171)

License: Apache-2.0
Source context: Public repository
Source: Provally CVE rule catalog
Validation status: Verified
Quality signals: 145 downloads
0 direct145 via packs
· 0 stars · Quality score 61How quality works
Included packs: 2 packs

0 signals from signed-in users.