11 matches found
ROOT-APP-MAVEN-CVE-2026-5598 CVE-2026-5598 in io.root.org.bouncycastle:bcprov-jdk18on - Patched by Root
Root has patched CVE-2026-5598 in the io.root.org.bouncycastle:bcprov-jdk18on package for Root:Maven. Multiple fixed versions available...
cn.hyperchain.javasdk:hyperchainsdk (>=4.2.1 <=4.2.3), com.github.WHUTzju:blockchainsdk (=4.1.3) +79 more potentially affected by CVE-2026-5588 via org.bouncycastle:bcpkix-jdk14 (>=1.50 <=1.83)
org.bouncycastle:bcpkix-jdk14 MAVEN version =1.50, =4.2.1, =9.1.20, =2.0, =2.0, =2.0, =0.1.1, =1.0.1.0.20180504134220, =2.2, =2.0.1, =7.0, =1.5, =12.3, =1.2.0, =1.2.6 and more Source cves: CVE-2026-5588 Source advisory: OSV:GHSA-WG6Q-6289-32HP...
cn.loyom.boot:loyom-boot-business-demo (=1.0.3-JDK21), cn.loyom.boot:loyom-boot-business-sqlite-exe-demo (=1.0.3-JDK21) +213 more potentially affected by CVE-2025-12194 via org.bouncycastle:bcprov-lts8on (>=2.73.0 <=2.73.7)
org.bouncycastle:bcprov-lts8on MAVEN version =2.73.0, =1.0.0-JDK21, =1.0.0-JDK21, =1.0.0-JDK21, =1.0.0-JDK21, =1.0.3-JDK21, =1.0.0-JDK21, =1.0.0-JDK21, =1.0.0-JDK21, =1.0.0-JDK21, =1.0.0-JDK21, =1.0.0-JDK21, =1.0.3-JDK21, =1.0.3.2-JDK21 and more Source cves: CVE-2025-12194 Source advisory:...
ai.driftkit:driftkit-context-engineering-spring-ai-starter (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-context-engineering-spring-boot-starter (>=0.5.0 <=0.8.7) +7317 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcpkix-jdk18on (>=1.71 <=1.78.1)
org.bouncycastle:bcpkix-jdk18on MAVEN version =1.71, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =3.10.0.5, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2025.05.12.160240-6152e21 and more Source cves: CVE-2025-8916 Source...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper processing of large name constraint structures in PKIXCertPathReviewer. An attacker can cause excessive resource allocation by submitting specially crafted ASN.1...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper processing of large name constraint structures in PKIXCertPathReviewer. An attacker can cause excessive resource allocation by submitting specially crafted ASN.1...
aero.m-click:mcpdf (>=0.2.3 <=0.2.10), ai.aitia:arrowhead-application-library-java-spring (>=4.4.0.0 <=4.6.0.0) +28976 more potentially affected by CVE-2025-8885 via org.bouncycastle:bcprov-jdk15on (>=1.51 <=1.70)
org.bouncycastle:bcprov-jdk15on MAVEN version =1.51, =0.2.3, =4.4.0.0, =0.42.1, =0.1.12, =0.1.2, =0.28.0, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.3 and more Source cves: CVE-2025-8885 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11777856...
ai.driftkit:driftkit-context-engineering-spring-ai-starter (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-context-engineering-spring-boot-starter (>=0.5.0 <=0.8.7) +7655 more potentially affected by CVE-2025-8885 via org.bouncycastle:bcprov-jdk18on (>=1.71 <=1.77)
org.bouncycastle:bcprov-jdk18on MAVEN version =1.71, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.4.0, =1.2.0, =1.2.0-alpha07, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2025.05.12.160240-6152e21 and more Source cves: CVE-2025-8885 Source...
cn.ponfee:commons-core (>=1.1 <=1.4), de.fraunhofer.iem:CryptoAnalysis (>=2.8.1 <=3.1.1) +19 more potentially affected by CVE-2024-30171 via org.bouncycastle:bctls-jdk18on (>=1.71 <=1.77)
org.bouncycastle:bctls-jdk18on MAVEN version =1.71, =1.1, =2.8.1, =2.8.1, =1.0.3, =1.0.0, =1.0.0, =1.1.1, =1.0.0, =1.1.0, =1.0.0, =1.0.0, =1.2.1, =1.0.0, =2.1.3, =1.2.1, =3.0.3 and more Source cves: CVE-2024-30171 Source advisory: OSV:GHSA-V435-XC8X-WVR9...
Observable Discrepancy
Overview BouncyCastle is a C implementation of cryptographic algorithms. Affected versions of this package are vulnerable to Observable Discrepancy due to the timing difference between exceptions thrown when processing RSA key exchange handshakes, AKA Marvin. Note: The implemented fix mitigates t...
ae.vigilancer.android-run-app:ae.vigilancer.android-run-app.gradle.plugin (>=1.0.1 <=1.0.2), aero.m-click:mcpdf (>=0.2.3 <=0.2.4) +6778 more potentially affected by CVE-2016-1000345 via org.bouncycastle:bcprov-jdk15on (>=1.46 <=1.55)
org.bouncycastle:bcprov-jdk15on MAVEN version =1.46, =1.0.1, =0.2.3, =0.42.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.3 and more Source cves: CVE-2016-1000345 Source advisory: OSV:GHSA-9GP4-QRFF-C648...