18 matches found
Security Bulletin: IBM® Db2® is affected by vulnerabilities in bcprov-jdk18on-1.82 and bcpkix-jdk18on-1.82.
Summary IBM® Db2® is affected by vulnerabilities in bcprov-jdk18on-1.82 and bcpkix-jdk18on-1.82 Vulnerability Details CVEID:CVE-2025-14813 DESCRIPTION: : Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all core modules. This...
Security Bulletin: Multiple Security Vulnerabilities in third-Party libraries used by IBM Tivoli Netcool Configuration Manager
Summary Multiple vulnerabilities in the third-party Bouncy Castle libraries used by IBM Tivoli Netcool Configuration Manager have been addressed. Vulnerability Details CVEID:CVE-2026-5588 DESCRIPTION: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle In...
Security Bulletin: IBM Sterling Connect:Direct Web Services is Affected by broken or risky algorithm.
Summary bcprov-jdk18on-1.81.jar is used by IBM Sterling Connect:Direct Web Services CVE-2025-14813, CVE-2026-5598. Vulnerability Details CVEID:CVE-2025-14813 DESCRIPTION: : Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all cor...
Security Bulletin: IBM Technical Support Appliance is affected by a timing channel vulnerability in Bouncy Castle BC-JAVA
Summary IBM Technical Support Appliance TSA includes a vulnerable version of the Bouncy Castle BC-JAVA library bcprov-jdk18on-1.78.1.jar. A flaw in the FrodoEngine component may expose information through a covert timing channel, potentially affecting the confidentiality of cryptographic operatio...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.6 security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Important: Red Hat Security Advisory: Red Hat AMQ Broker 7.13.5 release and security update
Red Hat AMQ Broker 7.13.5 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
CVE-2025-14813
A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The GOSTCTR implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the G3413CTRBlockCiphe...
OPENSUSE-SU-2026:20627-1 Security update for bouncycastle
This update for bouncycastle fixes the following issues: - Update to version 1.84: - CVE-2025-14813: GOSTCTR implementation unable to process more than 255 blocks correctly bsc1262225. - CVE-2026-0636: LDAP Injection Vulnerability in LDAPStoreHelper.java bsc1262226. - CVE-2026-3505: Unbounded PGP...
bouncycastle-1.84-1.1 on GA media (moderate)
bouncycastle-1.84-1.1 on GA media Announcement ID: openSUSE-SU-2026:10571-1 Rating: moderate Cross-References: CVE-2025-14813 CVE-2026-0636 CVE-2026-3505 CVE-2026-5588 CVE-2026-5598 CVSS scores: CVE-2025-14813 SUSE : 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L CVE-2025-14813 SUSE : 8.3...
CVE-2025-14813
creationtimestamp| type| source ---|---|--- 2026-04-15 13:04:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjjxh2c67m2t...
app.cash.bittycity:outie (=0.0.1), app.cash.bittycity:outie-jooq-provider (=0.0.1) +1824 more potentially affected by CVE-2025-14813 via org.bouncycastle:bcprov-jdk15to18 (>=1.63 <=1.83)
org.bouncycastle:bcprov-jdk15to18 MAVEN version =1.63, =0.0.2, =0.0.1, =0.2.9, =0.1.0, =0.2.1, =0.2.0, =0.1.0-M36, =0.1.0-M26, =1.0.0, =1.0.1, =0.2.0, =0.2.0, =0.3.0 - ch.pontius.nio:smb-nio =0.9.0 and more Source cves: CVE-2025-14813 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16075265...
com.github.bjlhx15:common-pdf (=0.0.4), com.github.rjolly:flying-saucer (>=9.1.20 <=9.1.25) +81 more potentially affected by CVE-2025-14813 via org.bouncycastle:bcprov-jdk14 (>=1.59 <=1.83)
org.bouncycastle:bcprov-jdk14 MAVEN version =1.59, =9.1.20, =0.1.1, =2.2, =2.0.1, =7.0, =1.5, =12.3, =1.2.0, =1.0.0, =1.1.0, =1.0.0, =1.0.0, =1.0.0, =1.2.6 and more Source cves: CVE-2025-14813 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16075264...
io.github.jinahya:jinahya-bcprov (=0.0.1), org.apache.camel.karaf:camel-as2 (>=4.7.0 <=4.10.7) +14 more potentially affected by CVE-2025-14813 via org.bouncycastle:bcprov-debug-jdk18on (>=1.71 <=1.83)
org.bouncycastle:bcprov-debug-jdk18on MAVEN version =1.71, =4.7.0, =4.7.0, =3.0.0-M1, =3.0.0-M1, =3.2.0, =3.18.0, =3.18.0, =3.18.0, =1.81, =1.81, =1.81, =1.81, =1.81, =1.81, =1.83 and more Source cves: CVE-2025-14813 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16075263...
org.bouncycastle:bcmail-debug-jdk14 (>=1.81 <=1.83), org.bouncycastle:bcpg-debug-jdk14 (>=1.81 <=1.83) +3 more potentially affected by CVE-2025-14813 via org.bouncycastle:bcprov-debug-jdk14 (>=1.81 <=1.83)
org.bouncycastle:bcprov-debug-jdk14 MAVEN version =1.81, =1.81, =1.81, =1.81, =1.81, =1.81, =1.83 Source cves: CVE-2025-14813 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16075261...
ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-router-llm-in-spring-cloud-gateway-demo (=0.1.0) +17247 more potentially affected by CVE-2025-14813 via org.bouncycastle:bcprov-jdk18on (>=1.71 <=1.83)
org.bouncycastle:bcprov-jdk18on MAVEN version =1.71, =0.2.0, =0.31.0, =0.5.0, =0.6.0, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.7 and more Source cves: CVE-2025-14813 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16075266...
UBUNTU-CVE-2025-14813
: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all core modules. This vulnerability is associated with program files G3413CTRBlockCipher. This issue affects BC-JAVA: from 1.59 before 1.80.2, from 1.81 before 1.81.1, from 1.82...
CVE-2025-14813 GOSTCTR implementation unable to process more than 255 blocks correctly
: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all core modules. This vulnerability is associated with program files G3413CTRBlockCipher. This issue affects BC-JAVA: from 1.59 before 1.80.2, from 1.81 before 1.81.1, from 1.82...
CVE-2025-14813 GOSTCTR implementation unable to process more than 255 blocks correctly
: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all core modules. This vulnerability is associated with program files G3413CTRBlockCipher. This issue affects BC-JAVA: from 1.59 before 1.80.2, from 1.81 before 1.81.1, from 1.82...