Package impact
NuGet / BouncyCastle
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2024-29857 | unknown | — | — | 2y ago | Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation. | |
| CVE-2024-30171 | unknown | — | — | 2y ago | Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack") | |
| CVE-2024-30172 | unknown | — | — | 2y ago | Bouncy Castle crafted signature and public key can be used to trigger an infinite loop | |
| CVE-2020-15522 | unknown | — | — | 5y ago | Timing based private key exposure in Bouncy Castle |