An issue exists in Bouncy Castle Java TLS API and JSSE Provider prior to 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.