Monthly
Availability degradation in Bouncy Castle BC-FJA cryptographic library versions 2.1.0 through 2.1.2 on Linux X86_64 systems with AVX or AVX-512f SIMD extensions affects GCM-128 and GCM-512 operations, allowing local attackers to cause denial of service without authentication. The vulnerability is associated with optimized assembly implementations (gcm128w, gcm512w) and results in availability impact with no confidentiality or integrity compromise. No public exploit code or active exploitation has been identified at time of analysis.
WebAssembly exception handling vulnerability in the arkweb v8 module that prevents proper capture of specific Wasm exception types, potentially allowing attackers to bypass security controls or trigger unexpected application behavior. The vulnerability affects arkweb's V8 integration layer and requires network access but high attack complexity to exploit. While the CVSS score of 8.1 indicates high severity with potential impacts to confidentiality, integrity, and availability, real-world exploitability depends on whether active exploitation or proof-of-concept code exists.
Availability degradation in Bouncy Castle BC-FJA cryptographic library versions 2.1.0 through 2.1.2 on Linux X86_64 systems with AVX or AVX-512f SIMD extensions affects GCM-128 and GCM-512 operations, allowing local attackers to cause denial of service without authentication. The vulnerability is associated with optimized assembly implementations (gcm128w, gcm512w) and results in availability impact with no confidentiality or integrity compromise. No public exploit code or active exploitation has been identified at time of analysis.
WebAssembly exception handling vulnerability in the arkweb v8 module that prevents proper capture of specific Wasm exception types, potentially allowing attackers to bypass security controls or trigger unexpected application behavior. The vulnerability affects arkweb's V8 integration layer and requires network access but high attack complexity to exploit. While the CVSS score of 8.1 indicates high severity with potential impacts to confidentiality, integrity, and availability, real-world exploitability depends on whether active exploitation or proof-of-concept code exists.