133 matches found
Use of a Broken or Risky Cryptographic Algorithm
Overview Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm due to the generateCTR process in G3413CTRBlockCipher. An attacker can recover relationships between encrypted plaintext blocks by driving the cipher past its counter range and causing th...
org.bouncycastle:bcmail-debug-jdk14 (>=1.81 <=1.83), org.bouncycastle:bcpg-debug-jdk14 (>=1.81 <=1.83) +3 more potentially affected by CVE-2025-14813 via org.bouncycastle:bcprov-debug-jdk14 (>=1.81 <=1.83)
org.bouncycastle:bcprov-debug-jdk14 MAVEN version =1.81, =1.81, =1.81, =1.81, =1.81, =1.81, =1.83 Source cves: CVE-2025-14813 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16075261...
Use of a Broken or Risky Cryptographic Algorithm
Overview Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm due to the generateCTR process in G3413CTRBlockCipher. An attacker can recover relationships between encrypted plaintext blocks by driving the cipher past its counter range and causing th...
app.cash.bittycity:outie (=0.0.1), app.cash.bittycity:outie-jooq-provider (=0.0.1) +1824 more potentially affected by CVE-2025-14813 via org.bouncycastle:bcprov-jdk15to18 (>=1.63 <=1.83)
org.bouncycastle:bcprov-jdk15to18 MAVEN version =1.63, =0.0.2, =0.0.1, =0.2.9, =0.1.0, =0.2.1, =0.2.0, =0.1.0-M36, =0.1.0-M26, =1.0.0, =1.0.1, =0.2.0, =0.2.0, =0.3.0 - ch.pontius.nio:smb-nio =0.9.0 and more Source cves: CVE-2025-14813 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16075265...
org.bouncycastle:bcjmail-debug-jdk15to18 (>=1.81 <=1.83), org.bouncycastle:bcmail-debug-jdk15to18 (>=1.81 <=1.83) +4 more potentially affected by CVE-2026-5598 via org.bouncycastle:bcprov-debug-jdk15to18 (>=1.81 <=1.83)
org.bouncycastle:bcprov-debug-jdk15to18 MAVEN version =1.81, =1.81, =1.81, =1.81, =1.81, =1.81, =1.81, =1.83 Source cves: CVE-2026-5598 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16074608...
ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-router-llm-in-spring-cloud-gateway-demo (=0.1.0) +17247 more potentially affected by CVE-2026-5598 via org.bouncycastle:bcprov-jdk18on (>=1.71 <=1.83)
org.bouncycastle:bcprov-jdk18on MAVEN version =1.71, =0.2.0, =0.31.0, =0.5.0, =0.6.0, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.7 and more Source cves: CVE-2026-5598 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16074612...
io.github.jinahya:jinahya-bcprov (=0.0.1), org.apache.camel.karaf:camel-as2 (>=4.7.0 <=4.10.7) +14 more potentially affected by CVE-2026-5598 via org.bouncycastle:bcprov-debug-jdk18on (>=1.71 <=1.83)
org.bouncycastle:bcprov-debug-jdk18on MAVEN version =1.71, =4.7.0, =4.7.0, =3.0.0-M1, =3.0.0-M1, =3.2.0, =3.18.0, =3.18.0, =3.18.0, =1.81, =1.81, =1.81, =1.81, =1.81, =1.81, =1.83 and more Source cves: CVE-2026-5598 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16074609...
app.cash.bittycity:outie (=0.0.1), app.cash.bittycity:outie-jooq-provider (=0.0.1) +1449 more potentially affected by CVE-2026-5598 via org.bouncycastle:bcprov-jdk15to18 (>=1.71 <=1.83)
org.bouncycastle:bcprov-jdk15to18 MAVEN version =1.71, =0.0.2, =0.0.2.1, =0.2.9, =0.2.8, =0.2.8, =0.2.8, =0.1.0-M36, =0.1.0-M27, =1.0.1, =3.5.0.0, =3.5.5.3 - cn.lnkdoc.sdk:awesome-uia-alipay-sdk =3.0.0-RC1 - cn.lnkdoc.sdk:awesome-uia-alipay-sdk-solon-boot-2-starter =3.0.0-RC1 and more Source cves...
CVE-2026-0636
Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all prov modules. This vulnerability is associated with program files LDAPStoreHelper. This issue affects BC-JAVA: from 1.74 before 1.80.2, from...
Security Bulletin: IBM® Db2® Federated server is affected by a vulnerability in bcprov-jdk18on and bcpkix-jdk18on (CVE-2025-8916)
Summary IBM® Db2® Federated server is affected by a vulnerability in bcprov-jdk18on and bcpkix-jdk18on. Vulnerability Details CVEID:CVE-2025-8916 DESCRIPTION: Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All API modules,...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in DisposalDaemon.java. In high-core environments under heavy load, the disposal thread can fall behind and allow excessive memory use. Note This issue was reported for environments...
EUVD-2025-24555
Malicious code in bioql PyPI...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the AESNativeCBC class due to the use of a private instance class, rather than a private static class. An attacker can cause heap exhaustion by triggering excessive memory allocati...
GHSA-4CX2-FC23-5WG6 Bouncy Castle for Java bcpkix, bcprov, bcpkix-fips on All (API modules) allows Excessive Allocation
Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bcpkix, bcprov, bcpkix-fips on All API modules allows Excessive Allocation. This vulnerability is associated with program files...
DEBIAN-CVE-2025-8916
Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All API modules, Legion of the Bouncy Castle Inc. BC Java bcprov on All API modules, Legion of the Bouncy Castle Inc. BCPKIX FIPS bcpkix-fips on All API modules allows Excessiv...
Allocation of Resources Without Limits or Throttling
Overview org.bouncycastle:bcprov-ext-jdk15to18 is a Java implementation of cryptographic algorithms. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper processing of large name constraint structures in PKIXCertPathReviewer. An...
com.walterjwhite.java.examples:ssh (=0.0.17), com.walterjwhite.java.modules.linux-builder.modules.cli.providers:cdi (=0.0.17) +23 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcprov-ext-jdk14 (>=1.51 <=1.72)
org.bouncycastle:bcprov-ext-jdk14 MAVEN version =1.51, =0.1.0, =0.1.0, =0.1.2 - io.github.qsy7.java.modules.linux-builder.modules.cli.providers:guice =0.1.0 and more Source cves: CVE-2025-8916 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11789696...
ae.vigilancer.android-run-app:ae.vigilancer.android-run-app.gradle.plugin (>=1.0.1 <=1.0.2), aero.m-click:mcpdf (>=0.2.3 <=0.2.10) +30376 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcprov-jdk15on (>=1.46 <=1.70)
org.bouncycastle:bcprov-jdk15on MAVEN version =1.46, =1.0.1, =0.2.3, =4.4.0.0, =0.42.1, =0.1.12, =0.1.2, =0.28.0, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.3 and more Source cves: CVE-2025-8916 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11789705...
com.github.mizosoft.methanol:benchmarks (>=1.1.0 <=1.2.0), com.github.mizosoft.methanol:methanol-testutils (>=1.1.0 <=1.2.0) +35 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcprov-debug-jdk15on (>=1.53 <=1.70)
org.bouncycastle:bcprov-debug-jdk15on MAVEN version =1.53, =1.1.0, =1.1.0, =0.8.635, =0.8.635, =0.8.635, =0.8.635, =0.0.1, =4.4.0, =1.3.8, =1.3.7, =1.3.7, =1.3.8, =1.4.0 - de.ohmesoftware:keytool =0.0.2 and more Source cves: CVE-2025-8916 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11789704...
org.apache.camel.karaf:camel-as2 (>=4.7.0 <=4.8.9), org.apache.camel.karaf:camel-as2-test (>=4.7.0 <=4.8.9) +6 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcprov-debug-jdk18on (>=1.71 <=1.78)
org.bouncycastle:bcprov-debug-jdk18on MAVEN version =1.71, =4.7.0, =4.7.0, =3.0.0-M1, =3.0.0-M1, =3.2.0, =3.18.0, =3.18.0, =3.18.0, =4.8.9 Source cves: CVE-2025-8916 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11789690...