vulnerability

Red Hat JBoss EAP: CVE-2024-30172: Other

Name: Red Hat JBoss EAP: CVE-2024-30172: Other
Creator: Red Hat
Published: 2024-05-09T00:00:00.000Z
Keywords: CVE, Red Hat JBoss EAP, 2024, 30172, Other, red-hat-jboss-eap-upgrade-latest, Severity 8

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

May 9, 2024

Added

Sep 19, 2024

Modified

Mar 25, 2026

Description

An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key.. A flaw was found in the Bouncy Castle Java Cryptography APIs. Affected versions of this package are vulnerable to an Infinite loop issue in ED25519 verification in the ScalarUtil class. This flaw allows an attacker to send a malicious signature and public key to trigger a denial of service.

Solution

red-hat-jboss-eap-upgrade-latest

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report