An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| org.bouncycastle:bcprov-jdk18on(Maven) | 1.73 | 1.78 | N/A |
| org.bouncycastle:bcprov-jdk15to18(Maven) | 1.73 | 1.78 | N/A |
| org.bouncycastle:bcprov-jdk14(Maven) | 1.73 | 1.78 | N/A |
| org.bouncycastle:bctls-jdk18on(Maven) | 1.73 | 1.78 | N/A |
| org.bouncycastle:bctls-jdk14(Maven) | 1.73 | 1.78 | N/A |
| org.bouncycastle:bctls-jdk15to18(Maven) | 1.73 | 1.78 | N/A |
| BouncyCastle(NuGet) | 0 | N/A | N/A |
| BouncyCastle.Cryptography(NuGet) | 0 | 2.3.1 | N/A |
CVSS Metrics
