Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Non-constant time comparisons risk private key leakage in FrodoKEM.
Vulnerability Description
Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules). This vulnerability is associated with program files FrodoEngine.Java. This issue affects BC-JAVA: from 1.71 before 1.84.
CVSS Information
N/A
Vulnerability Type
隐蔽时间通道
Vulnerability Title
Bouncy Castle Java 安全漏洞
Vulnerability Description
Bouncy Castle Java是Legion of the Bouncy Castle Inc开源的一个加密算法程序。 Bouncy Castle Java 2.17.3至1.84之前版本存在安全漏洞,该漏洞源于非恒定时间比较,可能导致FrodoKEM私钥泄露。
CVSS Information
N/A
Vulnerability Type
N/A