Vulnerability

CVE-2024-34447
CVSS Score 7.7 high

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L

CWE

CWE-297

[CVE-2024-34447] CWE-297: Improper Validation of Certificate with Host Mismatch

Description

bouncycastle - Improper Validation of Certificate with Host Mismatch The software communicates with a host that provides a certificate, but the software does not properly ensure that the certificate is actually associated with that host.

See org.bouncycastle/bcprov-jdk18on package information