Search

Find a vulnerability

Search criteria

    24 vulnerabilities by Legion of the Bouncy Castle Inc.

    CVE-2026-8149 (GCVE-0-2026-8149)

    Vulnerability from nvd – Published: 2026-05-08 06:01 – Updated: 2026-05-18 23:39
    VLAI
    Title
    GCM chunking can lead to bad tag exception on decryption
    Summary
    A vulnerability in Legion of the Bouncy Castle Inc. BC-LTS on Linux, X86_64, AVX, AVX-512f. This vulnerability is associated with program files gcm128w, gcm512w. This issue affects BC-LTS: from 2.73.0 before 2.73.11.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Legion of the Bouncy Castle Inc. BC-LTS Affected: 2.73.0 , < 2.73.11 (maven)
    Create a notification for this product.
    Credits
    Michael Schäfer, Kiteworks
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8149",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T12:50:54.859989Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T12:51:03.873Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java-fips/",
              "defaultStatus": "unaffected",
              "packageName": "BC-LTS",
              "platforms": [
                "Linux",
                "X86_64",
                "AVX",
                "AVX-512f"
              ],
              "product": "BC-LTS",
              "programFiles": [
                "gcm128w",
                "gcm512w"
              ],
              "repo": "https://repo1.maven.org/maven2/org/bouncycastle/bcprov-lts18on",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThan": "2.73.11",
                  "status": "affected",
                  "version": "2.73.0",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Michael Sch\u00e4fer, Kiteworks"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A vulnerability in Legion of the Bouncy Castle Inc. BC-LTS on Linux, X86_64, AVX, AVX-512f.\u003cp\u003e This vulnerability is associated with program files gcm128w, gcm512w.\u003c/p\u003e\u003cp\u003eThis issue affects BC-LTS: from 2.73.0 before 2.73.11.\u003c/p\u003e"
                }
              ],
              "value": "A vulnerability in Legion of the Bouncy Castle Inc. BC-LTS on Linux, X86_64, AVX, AVX-512f.\n\n This vulnerability is associated with program files gcm128w, gcm512w.\n\n\n\nThis issue affects BC-LTS: from 2.73.0 before 2.73.11."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NEGLIGIBLE",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:N/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1068",
                  "description": "CWE-1068",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-18T23:39:06.506Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%908149"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "GCM chunking can lead to bad tag exception on decryption",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "If possible pass whole message to GCM via doFinal(..) for decryption. Issue only occurs when decryption is chunked at certain boundaries."
                }
              ],
              "value": "If possible pass whole message to GCM via doFinal(..) for decryption. Issue only occurs when decryption is chunked at certain boundaries."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2026-8149",
        "datePublished": "2026-05-08T06:01:40.875Z",
        "dateReserved": "2026-05-08T05:23:49.585Z",
        "dateUpdated": "2026-05-18T23:39:06.506Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5598 (GCVE-0-2026-5598)

    Vulnerability from nvd – Published: 2026-04-15 09:05 – Updated: 2026-06-30 12:11
    VLAI
    Title
    Non-constant time comparisons risk private key leakage in FrodoKEM.
    Summary
    Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules). This vulnerability is associated with program files FrodoEngine.Java. This issue affects BC-JAVA: from 1.71 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Legion of the Bouncy Castle Inc. BC-JAVA Affected: 1.71 , < 1.80.2 (maven)
    Affected: 1.81 , < 1.81.1 (maven)
    Affected: 1.82 , < 1.84 (maven)
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 7.4 ELS for RHEL 7 Server     cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el7
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 7.4 ELS for RHEL 8     cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el8
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 8.1 for RHEL 8     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 7.4 ELS for RHEL 9     cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el9
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 8.1 for RHEL 9     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 7     cpe:/a:redhat:jboss_enterprise_application_platform:7
        cpe:/a:redhat:jboss_enterprise_application_platform:7.4
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat Fuse 7     cpe:/a:redhat:jboss_fuse:7
    Create a notification for this product.
    Red Hat Cryostat 4     cpe:/a:redhat:cryostat:4
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7     cpe:/a:redhat:amq_broker:7
    Create a notification for this product.
    Red Hat Red Hat AMQ Clients     cpe:/a:redhat:amq_clients:2023
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4 for Quarkus 3     cpe:/a:redhat:camel_quarkus:3
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel for Spring Boot 4     cpe:/a:redhat:camel_spring_boot:4
    Create a notification for this product.
    Red Hat Red Hat build of Apicurio Registry 3     cpe:/a:redhat:apicurio_registry:3
    Create a notification for this product.
    Red Hat Red Hat build of Debezium 2     cpe:/a:redhat:debezium:2
    Create a notification for this product.
    Red Hat Red Hat build of Debezium 3     cpe:/a:redhat:debezium:3
    Create a notification for this product.
    Red Hat Red Hat Build of Keycloak     cpe:/a:redhat:build_keycloak:
    Create a notification for this product.
    Red Hat Red Hat build of Quarkus     cpe:/a:redhat:quarkus:3
    Create a notification for this product.
    Red Hat Red Hat Data Grid 8     cpe:/a:redhat:jboss_data_grid:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8     cpe:/a:redhat:jboss_enterprise_application_platform:8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack     cpe:/a:redhat:jbosseapxp
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3
    Create a notification for this product.
    Red Hat Red Hat Process Automation 7     cpe:/a:redhat:jboss_enterprise_bpms_platform:7
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat Red Hat Single Sign-On 7     cpe:/a:redhat:red_hat_single_sign_on:7
    Create a notification for this product.
    Red Hat streams for Apache Kafka 2     cpe:/a:redhat:amq_streams:2
    Create a notification for this product.
    Red Hat streams for Apache Kafka 3     cpe:/a:redhat:amq_streams:3
    Create a notification for this product.
    Credits
    Cristina Dueñas Navarro (cristina.duenas@jtsec.es) Sunwoo Lee and Seunghyun Yoon, Korea Institute of Energy Technology (KENTECH)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5598",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-15T13:11:48.318645Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-15T13:11:53.444Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 7.4 ELS for RHEL 7 Server",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 7.4 ELS for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 8.1 for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 7.4 ELS for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 8.1 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:7",
                  "cpe:/a:redhat:jboss_enterprise_application_platform:7.4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss Enterprise Application Platform 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_fuse:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Fuse 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cryostat:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Cryostat 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "unaffected",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat AMQ Broker 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_clients:2023"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat AMQ Clients",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:camel_quarkus:3"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat build of Apache Camel 4 for Quarkus 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:camel_spring_boot:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat build of Apache Camel for Spring Boot 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apicurio_registry:3"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat build of Apicurio Registry 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:debezium:2"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat build of Debezium 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:debezium:3"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat build of Debezium 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:build_keycloak:"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Build of Keycloak",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quarkus:3"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat build of Quarkus",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_data_grid:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Data Grid 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift Dev Spaces",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Process Automation 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:red_hat_single_sign_on:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Single Sign-On 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2"
                ],
                "defaultStatus": "unaffected",
                "product": "streams for Apache Kafka 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "unaffected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-15T09:05:56.277Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA core. A covert timing channel vulnerability, caused by non-constant time comparisons, risks the leakage of private keys in the FrodoKEM implementation. An unauthenticated, remote attacker can potentially exploit this timing discrepancy to gain unauthorized access to sensitive cryptographic information."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-385",
                    "description": "Covert Timing Channel",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:11:15.392Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-5598"
              },
              {
                "name": "RHBZ#2458635",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458635"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5598.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:12267"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18054"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18055"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:12269"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18059"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:12267: Red Hat JBoss EAP 7.4 ELS for RHEL 7 Server, Red Hat JBoss EAP 7.4 ELS for RHEL 8, Red Hat JBoss EAP 7.4 ELS for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18054: Red Hat JBoss EAP 8.1 for RHEL 8"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18055: Red Hat JBoss EAP 8.1 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:12269: Red Hat JBoss Enterprise Application Platform 7"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18059: Red Hat JBoss Enterprise Application Platform 8.1"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-15T10:01:04.531Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-15T09:05:56.277Z",
                "value": "Made public."
              }
            ],
            "title": "bouncycastle: BC-JAVA: private key leakage via non-constant time comparisons",
            "workarounds": [
              {
                "lang": "en",
                "value": "To mitigate this vulnerability, implement aggressive rate limiting and anomaly detection, specifically looking for unusual, high-frequency cryptographic handshake failures or anomalous traffic patterns targeting endpoints that handle key exchanges in the network logs."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java/",
              "defaultStatus": "unaffected",
              "modules": [
                "core"
              ],
              "packageName": "core",
              "platforms": [
                "all"
              ],
              "product": "BC-JAVA",
              "programFiles": [
                "FrodoEngine.java"
              ],
              "repo": "https://github.com/bcgit/bc-java",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThan": "1.80.2",
                  "status": "affected",
                  "version": "1.71",
                  "versionType": "maven"
                },
                {
                  "lessThan": "1.81.1",
                  "status": "affected",
                  "version": "1.81",
                  "versionType": "maven"
                },
                {
                  "lessThan": "1.84",
                  "status": "affected",
                  "version": "1.82",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Cristina Due\u00f1as Navarro (cristina.duenas@jtsec.es)"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Sunwoo Lee and Seunghyun Yoon, Korea Institute of Energy Technology (KENTECH)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules).\u003cp\u003e This vulnerability is associated with program files FrodoEngine.Java.\u003c/p\u003e\u003cp\u003eThis issue affects BC-JAVA: from 1.71 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.\u003c/p\u003e"
                }
              ],
              "value": "Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules).\n\n This vulnerability is associated with program files FrodoEngine.Java.\n\n\n\nThis issue affects BC-JAVA: from 1.71 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "NOT_DEFINED",
                "Safety": "PRESENT",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.9,
                "baseSeverity": "HIGH",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "RED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/S:P/AU:Y/U:Red",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-385",
                  "description": "CWE-385 Covert timing channel",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-14T09:34:39.363Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905598"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/bcgit/bc-java/commit/94abbd56413dfdac651fd878bc60253871ef5e87"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/bcgit/bc-java/commit/8692e6b2b191fc4aafa32545c7a78bdb9bf110c5"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Non-constant time comparisons risk private key leakage in FrodoKEM.",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2026-5598",
        "datePublished": "2026-04-15T09:05:56.277Z",
        "dateReserved": "2026-04-05T07:25:44.930Z",
        "dateUpdated": "2026-06-30T12:11:15.392Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5588 (GCVE-0-2026-5588)

    Vulnerability from nvd – Published: 2026-04-15 09:06 – Updated: 2026-06-30 12:11
    VLAI
    Title
    PKIX draft CompositeVerifier accepts empty signature sequence as valid.
    Summary
    Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules), Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All (pkix modules), Legion of the Bouncy Castle Inc. BCPIX-LTS bcpkix on All (pkix modules). This vulnerability is associated with program files JcaContentVerifierProviderBuilder.Java, JcaContentVerfierProviderBuilder.Java. This issue affects BC-JAVA: from 1.67 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84; BCPKIX-FIPS: from 2.0.6 before 2.0.11, from 2.1.7 before 2.1.11; BCPIX-LTS: from 2.73.7 before 2.73.11.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
    • CWE-347 - Improper Verification of Cryptographic Signature
    Assigner
    Impacted products
    Vendor Product Version
    Legion of the Bouncy Castle Inc. BC-JAVA Affected: 1.67 , < 1.80.2 (maven)
    Affected: 1.81 , < 1.81.1 (maven)
    Affected: 1.82 , < 1.84 (maven)
    Create a notification for this product.
    Legion of the Bouncy Castle Inc. BCPKIX-FIPS Affected: 2.0.6 , < 2.0.11 (maven)
    Affected: 2.1.7 , < 2.1.11 (maven)
    Create a notification for this product.
    Legion of the Bouncy Castle Inc. BCPIX-LTS Affected: 2.73.7 , < 2.73.11 (maven)
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 8.1 for RHEL 8     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 8.1 for RHEL 9     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7.12.7     cpe:/a:redhat:amq_broker:7.12
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7.13.5     cpe:/a:redhat:amq_broker:7.13
    Create a notification for this product.
    Red Hat Red Hat Build of Apache Camel 4.14 for Quarkus 3.27     cpe:/a:redhat:apache_camel_quarkus:3.27
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces 3.28     cpe:/a:redhat:openshift_devspaces:3.28::el9
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14     cpe:/a:redhat:apache_camel_spring_boot:4.18
    Create a notification for this product.
    Red Hat Red Hat build of Quarkus 3.20.6.SP1     cpe:/a:redhat:quarkus:3.20::el8
    Create a notification for this product.
    Red Hat Red Hat build of Quarkus 3.27.3.SP1     cpe:/a:redhat:quarkus:3.27::el8
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4 for Quarkus 3     cpe:/a:redhat:camel_quarkus:3
    Create a notification for this product.
    Red Hat Red Hat build of Apicurio Registry 3     cpe:/a:redhat:apicurio_registry:3
    Create a notification for this product.
    Red Hat Red Hat build of Debezium 3     cpe:/a:redhat:debezium:3
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Fuse 7     cpe:/a:redhat:jboss_fuse:7
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 7     cpe:/a:redhat:jboss_enterprise_application_platform:7
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Create a notification for this product.
    Red Hat Red Hat Process Automation 7     cpe:/a:redhat:jboss_enterprise_bpms_platform:7
    Create a notification for this product.
    Red Hat Red Hat Single Sign-On 7     cpe:/a:redhat:red_hat_single_sign_on:7
    Create a notification for this product.
    Red Hat Cryostat 4     cpe:/a:redhat:cryostat:4
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7     cpe:/a:redhat:amq_broker:7
    Create a notification for this product.
    Red Hat Red Hat Data Grid 8     cpe:/a:redhat:jboss_data_grid:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack     cpe:/a:redhat:jbosseapxp
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat streams for Apache Kafka 2     cpe:/a:redhat:amq_streams:2
    Create a notification for this product.
    Red Hat streams for Apache Kafka 3     cpe:/a:redhat:amq_streams:3
    Create a notification for this product.
    Credits
    Nicholas Carlini using Claude, Anthropic
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5588",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-15T19:35:32.235455Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-15T19:35:40.662Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 8.1 for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 8.1 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7.12"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat AMQ Broker 7.12.7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7.13"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat AMQ Broker 7.13.5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apache_camel_quarkus:3.27"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Build of Apache Camel 4.14 for Quarkus 3.27",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3.28::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Spaces 3.28",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apache_camel_spring_boot:4.18"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quarkus:3.20::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Quarkus 3.20.6.SP1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quarkus:3.27::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Quarkus 3.27.3.SP1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:camel_quarkus:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apache Camel 4 for Quarkus 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apicurio_registry:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apicurio Registry 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:debezium:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Debezium 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_fuse:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Fuse 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss Enterprise Application Platform 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Process Automation 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:red_hat_single_sign_on:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Single Sign-On 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cryostat:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Cryostat 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat AMQ Broker 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_data_grid:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Data Grid 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2"
                ],
                "defaultStatus": "unaffected",
                "product": "streams for Apache Kafka 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "unaffected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-15T09:06:15.617Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix. The PKIX draft `CompositeVerifier` implementation improperly accepts an empty signature sequence as a valid cryptographic signature. This issue allows a remote attacker to bypass signature verification mechanisms, potentially compromising the authenticity and integrity of data."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-347",
                    "description": "Improper Verification of Cryptographic Signature",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:11:15.811Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-5588"
              },
              {
                "name": "RHBZ#2458634",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458634"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5588.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18054"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18055"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14276"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14272"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13631"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18059"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21772"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:17668"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11720"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11721"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:18054: Red Hat JBoss EAP 8.1 for RHEL 8"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18055: Red Hat JBoss EAP 8.1 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14276: Red Hat AMQ Broker 7.12.7"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14272: Red Hat AMQ Broker 7.13.5"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13631: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18059: Red Hat JBoss Enterprise Application Platform 8.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21772: Red Hat OpenShift Dev Spaces 3.28"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:17668: Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11720: Red Hat build of Quarkus 3.20.6.SP1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11721: Red Hat build of Quarkus 3.27.3.SP1"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-15T10:00:59.672Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-15T09:06:15.617Z",
                "value": "Made public."
              }
            ],
            "title": "bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid",
            "workarounds": [
              {
                "lang": "en",
                "value": "To mitigate this flaw, check that the signature sequence is not empty before passing any data to the CompositeVerifier for cryptographic validation. If the sequence is empty or null, explicitly reject the payload before it is processed."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java/",
              "defaultStatus": "unaffected",
              "modules": [
                "pkix"
              ],
              "packageName": "bcpkix",
              "platforms": [
                "all"
              ],
              "product": "BC-JAVA",
              "programFiles": [
                "JcaContentVerifierProviderBuilder.java"
              ],
              "repo": "https://github.com/bcgit/bc-java",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThan": "1.80.2",
                  "status": "affected",
                  "version": "1.67",
                  "versionType": "maven"
                },
                {
                  "lessThan": "1.81.1",
                  "status": "affected",
                  "version": "1.81",
                  "versionType": "maven"
                },
                {
                  "lessThan": "1.84",
                  "status": "affected",
                  "version": "1.82",
                  "versionType": "maven"
                }
              ]
            },
            {
              "collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java-fips/",
              "defaultStatus": "unaffected",
              "modules": [
                "pkix"
              ],
              "packageName": "bcpkix",
              "platforms": [
                "All"
              ],
              "product": "BCPKIX-FIPS",
              "programFiles": [
                "JcaContentVerifierProviderBuilder.java"
              ],
              "repo": "https://repo1.maven.org/maven2/org/bouncycastle/bcpkix-fips/",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThan": "2.0.11",
                  "status": "affected",
                  "version": "2.0.6",
                  "versionType": "maven"
                },
                {
                  "lessThan": "2.1.11",
                  "status": "affected",
                  "version": "2.1.7",
                  "versionType": "maven"
                }
              ]
            },
            {
              "collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java-lts/",
              "defaultStatus": "unaffected",
              "modules": [
                "pkix"
              ],
              "packageName": "bcpkix",
              "platforms": [
                "All"
              ],
              "product": "BCPIX-LTS",
              "programFiles": [
                "JcaContentVerfierProviderBuilder.java"
              ],
              "repo": "https://repo1.maven.org/maven2/org/bouncycastle/bcpkix-lts8on/",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThan": "2.73.11",
                  "status": "affected",
                  "version": "2.73.7",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Nicholas Carlini using Claude, Anthropic"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules), Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All (pkix modules), Legion of the Bouncy Castle Inc. BCPIX-LTS bcpkix on All (pkix modules).\u003cp\u003e This vulnerability is associated with program files JcaContentVerifierProviderBuilder.Java, JcaContentVerfierProviderBuilder.Java.\u003c/p\u003e\u003cp\u003eThis issue affects BC-JAVA: from 1.67 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84; BCPKIX-FIPS: from 2.0.6 before 2.0.11, from 2.1.7 before 2.1.11; BCPIX-LTS: from 2.73.7 before 2.73.11.\u003c/p\u003e"
                }
              ],
              "value": "Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules), Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All (pkix modules), Legion of the Bouncy Castle Inc. BCPIX-LTS bcpkix on All (pkix modules).\n\n This vulnerability is associated with program files JcaContentVerifierProviderBuilder.Java, JcaContentVerfierProviderBuilder.Java.\n\n\n\nThis issue affects BC-JAVA: from 1.67 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84; BCPKIX-FIPS: from 2.0.6 before 2.0.11, from 2.1.7 before 2.1.11; BCPIX-LTS: from 2.73.7 before 2.73.11."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-327",
                  "description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-18T23:22:57.378Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905588"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/bcgit/bc-java/commit/656bae0dbd9b1521f840521ff786e78749fe3057"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "PKIX draft CompositeVerifier accepts empty signature sequence as valid.",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2026-5588",
        "datePublished": "2026-04-15T09:06:15.617Z",
        "dateReserved": "2026-04-04T23:50:59.336Z",
        "dateUpdated": "2026-06-30T12:11:15.811Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3505 (GCVE-0-2026-3505)

    Vulnerability from nvd – Published: 2026-04-15 09:06 – Updated: 2026-06-30 12:09
    VLAI
    Title
    Unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion.
    Summary
    Allocation of resources without limits or throttling, Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all (pg modules). This vulnerability is associated with program files AEADEncDataPacket.Java, BcAEADUtil.Java, JceAEADUtil.Java, OperatorHelper.Java. This issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of resources without limits or throttling
    • CWE-400 - Uncontrolled Resource Consumption
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    Impacted products
    Vendor Product Version
    Legion of the Bouncy Castle Inc. BC-JAVA Affected: 1.74 , < 1.80.2 (maven)
    Affected: 1.81 , < 1.81.1 (maven)
    Affected: 1.82 , < 1.84 (maven)
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 8.1 for RHEL 8     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 8.1 for RHEL 9     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat Build of Apache Camel 4.14 for Quarkus 3.27     cpe:/a:redhat:apache_camel_quarkus:3.27
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14     cpe:/a:redhat:apache_camel_spring_boot:4.18
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat Red Hat AMQ Clients     cpe:/a:redhat:amq_clients:2023
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4 for Quarkus 3     cpe:/a:redhat:camel_quarkus:3
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat Fuse 7     cpe:/a:redhat:jboss_fuse:7
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 7     cpe:/a:redhat:jboss_enterprise_application_platform:7
    Create a notification for this product.
    Red Hat Red Hat Process Automation 7     cpe:/a:redhat:jboss_enterprise_bpms_platform:7
    Create a notification for this product.
    Red Hat Red Hat Single Sign-On 7     cpe:/a:redhat:red_hat_single_sign_on:7
    Create a notification for this product.
    Red Hat Red Hat Data Grid 8     cpe:/a:redhat:jboss_data_grid:8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack     cpe:/a:redhat:jbosseapxp
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat streams for Apache Kafka 2     cpe:/a:redhat:amq_streams:2
    Create a notification for this product.
    Red Hat streams for Apache Kafka 3     cpe:/a:redhat:amq_streams:3
    Create a notification for this product.
    Credits
    Disclosure <disclosure@aisle.com>
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3505",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-15T13:10:48.791999Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-15T13:10:55.206Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 8.1 for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 8.1 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apache_camel_quarkus:3.27"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Build of Apache Camel 4.14 for Quarkus 3.27",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apache_camel_spring_boot:4.18"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_clients:2023"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat AMQ Clients",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:camel_quarkus:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apache Camel 4 for Quarkus 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_fuse:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Fuse 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss Enterprise Application Platform 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Process Automation 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:red_hat_single_sign_on:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Single Sign-On 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_data_grid:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Data Grid 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2"
                ],
                "defaultStatus": "unaffected",
                "product": "streams for Apache Kafka 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "unaffected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-15T09:06:37.939Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcpg. A specially crafted PGP AEAD (Authenticated Encryption with Associated Data) message with an unbounded chunk size can lead to an excessive consumption of memory. This issue allows an unauthenticated remote attacker to cause memory exhaustion in a JVM, resulting in a denial of service."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-770",
                    "description": "Allocation of Resources Without Limits or Throttling",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:09:25.714Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-3505"
              },
              {
                "name": "RHBZ#2458638",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458638"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3505.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18054"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18055"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13631"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18059"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:17668"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:18054: Red Hat JBoss EAP 8.1 for RHEL 8"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18055: Red Hat JBoss EAP 8.1 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13631: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18059: Red Hat JBoss Enterprise Application Platform 8.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:17668: Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-15T10:01:17.415Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-15T09:06:37.939Z",
                "value": "Made public."
              }
            ],
            "title": "bouncycastle: BC-JAVA: unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion",
            "workarounds": [
              {
                "lang": "en",
                "value": "To mitigate this vulnerability, enforce payload size limits on all incoming PGP messages before processing them. Additionally, apply memory quotas to the JVM or container environment to prevent a complete system outage in the event of memory exhaustion."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java/",
              "defaultStatus": "unaffected",
              "modules": [
                "pg"
              ],
              "packageName": "bcpg",
              "platforms": [
                "all"
              ],
              "product": "BC-JAVA",
              "programFiles": [
                "AEADEncDataPacket.java",
                "BcAEADUtil.java",
                "JceAEADUtil.java",
                "OperatorHelper.java"
              ],
              "repo": "https://github.com/bcgit/bc-java",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThan": "1.80.2",
                  "status": "affected",
                  "version": "1.74",
                  "versionType": "maven"
                },
                {
                  "lessThan": "1.81.1",
                  "status": "affected",
                  "version": "1.81",
                  "versionType": "maven"
                },
                {
                  "lessThan": "1.84",
                  "status": "affected",
                  "version": "1.82",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Disclosure \u003cdisclosure@aisle.com\u003e"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Allocation of resources without limits or throttling, Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all (pg modules).\u003cp\u003e This vulnerability is associated with program files AEADEncDataPacket.Java, BcAEADUtil.Java, JceAEADUtil.Java, OperatorHelper.Java.\u003c/p\u003e\u003cp\u003eThis issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.\u003c/p\u003e"
                }
              ],
              "value": "Allocation of resources without limits or throttling, Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all (pg modules).\n\n This vulnerability is associated with program files AEADEncDataPacket.Java, BcAEADUtil.Java, JceAEADUtil.Java, OperatorHelper.Java.\n\n\n\nThis issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of resources without limits or throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-18T23:21:21.526Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%903505"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/bcgit/bc-java/commit/dc7530939ffb6cdb57636f3609d98e23b94e71c1"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion.",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2026-3505",
        "datePublished": "2026-04-15T09:06:37.939Z",
        "dateReserved": "2026-03-04T00:44:50.028Z",
        "dateUpdated": "2026-06-30T12:09:25.714Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0636 (GCVE-0-2026-0636)

    Vulnerability from nvd – Published: 2026-04-15 08:59 – Updated: 2026-06-30 12:07
    VLAI
    Title
    LDAP Injection Vulnerability in LDAPStoreHelper.java
    Summary
    Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (prov modules). This vulnerability is associated with program files LDAPStoreHelper. This issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-90 - Improper neutralization of special elements used in an LDAP query ('LDAP injection')
    • CWE-90 - Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Legion of the Bouncy Castle Inc. BC-JAVA Affected: 1.74 , < 1.80.2 (maven)
    Affected: 1.81 , < 1.81.1 (maven)
    Affected: 1.82 , < 1.84 (maven)
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 8.1 for RHEL 8     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 8.1 for RHEL 9     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7.12.7     cpe:/a:redhat:amq_broker:7.12
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7.13.5     cpe:/a:redhat:amq_broker:7.13
    Create a notification for this product.
    Red Hat Red Hat Build of Apache Camel 4.14 for Quarkus 3.27     cpe:/a:redhat:apache_camel_quarkus:3.27
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces 3.28     cpe:/a:redhat:openshift_devspaces:3.28::el9
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14     cpe:/a:redhat:apache_camel_spring_boot:4.18
    Create a notification for this product.
    Red Hat Red Hat build of Quarkus 3.20.6.SP1     cpe:/a:redhat:quarkus:3.20::el8
    Create a notification for this product.
    Red Hat Red Hat build of Quarkus 3.27.3.SP1     cpe:/a:redhat:quarkus:3.27::el8
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat Red Hat AMQ Clients     cpe:/a:redhat:amq_clients:2023
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4 for Quarkus 3     cpe:/a:redhat:camel_quarkus:3
    Create a notification for this product.
    Red Hat Red Hat build of Apicurio Registry 3     cpe:/a:redhat:apicurio_registry:3
    Create a notification for this product.
    Red Hat Red Hat build of Debezium 3     cpe:/a:redhat:debezium:3
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat Fuse 7     cpe:/a:redhat:jboss_fuse:7
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 7     cpe:/a:redhat:jboss_enterprise_application_platform:7
    Create a notification for this product.
    Red Hat Red Hat Process Automation 7     cpe:/a:redhat:jboss_enterprise_bpms_platform:7
    Create a notification for this product.
    Red Hat Red Hat Single Sign-On 7     cpe:/a:redhat:red_hat_single_sign_on:7
    Create a notification for this product.
    Red Hat Cryostat 4     cpe:/a:redhat:cryostat:4
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7     cpe:/a:redhat:amq_broker:7
    Create a notification for this product.
    Red Hat Red Hat Data Grid 8     cpe:/a:redhat:jboss_data_grid:8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack     cpe:/a:redhat:jbosseapxp
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat streams for Apache Kafka 2     cpe:/a:redhat:amq_streams:2
    Create a notification for this product.
    Red Hat streams for Apache Kafka 3     cpe:/a:redhat:amq_streams:3
    Create a notification for this product.
    Credits
    Prasanth Sundararajan (prasanth.srihari@gmail.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0636",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-15T13:12:14.838595Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-15T13:12:22.433Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 8.1 for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 8.1 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7.12"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat AMQ Broker 7.12.7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7.13"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat AMQ Broker 7.13.5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apache_camel_quarkus:3.27"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Build of Apache Camel 4.14 for Quarkus 3.27",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3.28::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Spaces 3.28",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apache_camel_spring_boot:4.18"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quarkus:3.20::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Quarkus 3.20.6.SP1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quarkus:3.27::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Quarkus 3.27.3.SP1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_clients:2023"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat AMQ Clients",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:camel_quarkus:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apache Camel 4 for Quarkus 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apicurio_registry:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apicurio Registry 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:debezium:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Debezium 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_fuse:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Fuse 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss Enterprise Application Platform 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Process Automation 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:red_hat_single_sign_on:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Single Sign-On 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cryostat:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Cryostat 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat AMQ Broker 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_data_grid:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Data Grid 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2"
                ],
                "defaultStatus": "unaffected",
                "product": "streams for Apache Kafka 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "unaffected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-15T08:59:12.677Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The `LDAPStoreHelper` implementation fails to properly neutralize special elements in user-supplied input before incorporating them into LDAP queries. This allows a remote attacker to execute an LDAP injection attack by supplying crafted input, potentially leading to disclosure of sensitive information or the manipulation of directory search queries."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-90",
                    "description": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:13.210Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-0636"
              },
              {
                "name": "RHBZ#2458641",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458641"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0636.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18054"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18055"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14276"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14272"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13631"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18059"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21772"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:17668"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11720"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11721"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:18054: Red Hat JBoss EAP 8.1 for RHEL 8"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18055: Red Hat JBoss EAP 8.1 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14276: Red Hat AMQ Broker 7.12.7"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14272: Red Hat AMQ Broker 7.13.5"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13631: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18059: Red Hat JBoss Enterprise Application Platform 8.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21772: Red Hat OpenShift Dev Spaces 3.28"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:17668: Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11720: Red Hat build of Quarkus 3.20.6.SP1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11721: Red Hat build of Quarkus 3.27.3.SP1"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-15T10:01:32.911Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-15T08:59:12.677Z",
                "value": "Made public."
              }
            ],
            "title": "bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java",
            "workarounds": [
              {
                "lang": "en",
                "value": "To mitigate this flaw, sanitize all user-supplied input to remove or escape LDAP special characters before passing it to the LDAPStoreHelper for directory queries. If the input contains unexpected metacharacters such as asterisks, parentheses or backslashes, reject the request or escape the characters."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java/",
              "defaultStatus": "unaffected",
              "modules": [
                "prov"
              ],
              "packageName": "bcprov",
              "platforms": [
                "all"
              ],
              "product": "BC-JAVA",
              "programFiles": [
                "LDAPStoreHelper"
              ],
              "repo": "https://github.com/bcgit/bc-java",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThan": "1.80.2",
                  "status": "affected",
                  "version": "1.74",
                  "versionType": "maven"
                },
                {
                  "lessThan": "1.81.1",
                  "status": "affected",
                  "version": "1.81",
                  "versionType": "maven"
                },
                {
                  "lessThan": "1.84",
                  "status": "affected",
                  "version": "1.82",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Prasanth Sundararajan (prasanth.srihari@gmail.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper neutralization of special elements used in an LDAP query (\u0027LDAP injection\u0027) vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (prov modules).\u003cp\u003e This vulnerability is associated with program files LDAPStoreHelper.\u003c/p\u003e\u003cp\u003eThis issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.\u003c/p\u003e"
                }
              ],
              "value": "Improper neutralization of special elements used in an LDAP query (\u0027LDAP injection\u0027) vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (prov modules).\n\n This vulnerability is associated with program files LDAPStoreHelper.\n\n\n\nThis issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "AUTOMATIC",
                "Safety": "NEGLIGIBLE",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "PROOF_OF_CONCEPT",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/S:N/AU:Y/R:A/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-90",
                  "description": "CWE-90 Improper neutralization of special elements used in an LDAP query (\u0027LDAP injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-18T23:20:07.728Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%900636"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/bcgit/bc-java/commit/d20cdb8430e09224114fec0179a71859929fcbde"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "LDAP Injection Vulnerability in LDAPStoreHelper.java",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2026-0636",
        "datePublished": "2026-04-15T08:59:12.677Z",
        "dateReserved": "2026-01-06T03:18:21.572Z",
        "dateUpdated": "2026-06-30T12:07:13.210Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14813 (GCVE-0-2025-14813)

    Vulnerability from nvd – Published: 2026-04-15 08:56 – Updated: 2026-06-30 12:07
    VLAI
    Title
    GOSTCTR implementation unable to process more than 255 blocks correctly
    Summary
    : Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (core modules). This vulnerability is associated with program files G3413CTRBlockCipher. This issue affects BC-JAVA: from 1.59 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
    Assigner
    Impacted products
    Vendor Product Version
    Legion of the Bouncy Castle Inc. BC-JAVA Affected: 1.59 , < 1.80.2 (maven)
    Affected: 1.81 , < 1.81.1 (maven)
    Affected: 1.82 , < 1.84 (maven)
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 8.1 for RHEL 8     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 8.1 for RHEL 9     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7.12.7     cpe:/a:redhat:amq_broker:7.12
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7.13.5     cpe:/a:redhat:amq_broker:7.13
    Create a notification for this product.
    Red Hat Red Hat Build of Apache Camel 4.14 for Quarkus 3.27     cpe:/a:redhat:apache_camel_quarkus:3.27
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI 2.25     cpe:/a:redhat:openshift_ai:2.25::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces 3.28     cpe:/a:redhat:openshift_devspaces:3.28::el9
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14     cpe:/a:redhat:apache_camel_spring_boot:4.18
    Create a notification for this product.
    Red Hat Red Hat build of Quarkus 3.20.6.SP1     cpe:/a:redhat:quarkus:3.20::el8
    Create a notification for this product.
    Red Hat Red Hat build of Quarkus 3.27.3.SP1     cpe:/a:redhat:quarkus:3.27::el8
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat Red Hat AMQ Clients     cpe:/a:redhat:amq_clients:2023
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4 for Quarkus 3     cpe:/a:redhat:camel_quarkus:3
    Create a notification for this product.
    Red Hat Red Hat build of Apicurio Registry 3     cpe:/a:redhat:apicurio_registry:3
    Create a notification for this product.
    Red Hat Red Hat build of Debezium 3     cpe:/a:redhat:debezium:3
    Create a notification for this product.
    Red Hat Red Hat Build of Keycloak     cpe:/a:redhat:build_keycloak:
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat Fuse 7     cpe:/a:redhat:jboss_fuse:7
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 7     cpe:/a:redhat:jboss_enterprise_application_platform:7
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Create a notification for this product.
    Red Hat Red Hat Process Automation 7     cpe:/a:redhat:jboss_enterprise_bpms_platform:7
    Create a notification for this product.
    Red Hat Red Hat Single Sign-On 7     cpe:/a:redhat:red_hat_single_sign_on:7
    Create a notification for this product.
    Red Hat streams for Apache Kafka 2     cpe:/a:redhat:amq_streams:2
    Create a notification for this product.
    Red Hat Cryostat 4     cpe:/a:redhat:cryostat:4
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7     cpe:/a:redhat:amq_broker:7
    Create a notification for this product.
    Red Hat Red Hat Data Grid 8     cpe:/a:redhat:jboss_data_grid:8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack     cpe:/a:redhat:jbosseapxp
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat streams for Apache Kafka 3     cpe:/a:redhat:amq_streams:3
    Create a notification for this product.
    Credits
    XlabAI Team of Tencent Xuanwu Lab Atuin Automated Vulnerability Discovery Engine Lili Tang, Guannan Wang, and Guancheng Li
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14813",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-15T13:19:43.094033Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-15T13:19:49.520Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 8.1 for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 8.1 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7.12"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat AMQ Broker 7.12.7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7.13"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat AMQ Broker 7.13.5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apache_camel_quarkus:3.27"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Build of Apache Camel 4.14 for Quarkus 3.27",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai:2.25::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift AI 2.25",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3.28::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Spaces 3.28",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apache_camel_spring_boot:4.18"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quarkus:3.20::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Quarkus 3.20.6.SP1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quarkus:3.27::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Quarkus 3.27.3.SP1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_clients:2023"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat AMQ Clients",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:camel_quarkus:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apache Camel 4 for Quarkus 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apicurio_registry:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apicurio Registry 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:debezium:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Debezium 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:build_keycloak:"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Build of Keycloak",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_fuse:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Fuse 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss Enterprise Application Platform 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Process Automation 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:red_hat_single_sign_on:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Single Sign-On 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2"
                ],
                "defaultStatus": "affected",
                "product": "streams for Apache Kafka 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cryostat:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Cryostat 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat AMQ Broker 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_data_grid:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Data Grid 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "unaffected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-15T08:56:34.057Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The `GOSTCTR` implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the `G3413CTRBlockCipher`, potentially leading to the recovery and access of encrypted data."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-327",
                    "description": "Use of a Broken or Risky Cryptographic Algorithm",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:23.569Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2025-14813"
              },
              {
                "name": "RHBZ#2458640",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458640"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14813.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18054"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18055"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14276"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14272"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13631"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18059"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24977"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21772"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:17668"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11720"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11721"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:18054: Red Hat JBoss EAP 8.1 for RHEL 8"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18055: Red Hat JBoss EAP 8.1 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14276: Red Hat AMQ Broker 7.12.7"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14272: Red Hat AMQ Broker 7.13.5"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13631: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18059: Red Hat JBoss Enterprise Application Platform 8.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24977: Red Hat OpenShift AI 2.25"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21772: Red Hat OpenShift Dev Spaces 3.28"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:17668: Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11720: Red Hat build of Quarkus 3.20.6.SP1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11721: Red Hat build of Quarkus 3.27.3.SP1"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-15T10:01:27.769Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-15T08:56:34.057Z",
                "value": "Made public."
              }
            ],
            "title": "bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly",
            "workarounds": [
              {
                "lang": "en",
                "value": "To mitigate this vulnerability, strictly limit the payload encrypted under a single key and Initialization Vector (IV) pair using the GOSTCTR implementation and G3413CTRBlockCipher to a maximum of 255 blocks. Alternatively, transition to a more secure, standardized and authenticated encryption mode."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java/",
              "defaultStatus": "unaffected",
              "modules": [
                "core"
              ],
              "packageName": "bcprov",
              "platforms": [
                "all"
              ],
              "product": "BC-JAVA",
              "programFiles": [
                "G3413CTRBlockCipher"
              ],
              "repo": "https://github.com/bcgit/bc-java",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThan": "1.80.2",
                  "status": "affected",
                  "version": "1.59",
                  "versionType": "maven"
                },
                {
                  "lessThan": "1.81.1",
                  "status": "affected",
                  "version": "1.81",
                  "versionType": "maven"
                },
                {
                  "lessThan": "1.84",
                  "status": "affected",
                  "version": "1.82",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "XlabAI Team of Tencent Xuanwu Lab"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Atuin Automated Vulnerability Discovery Engine"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Lili Tang, Guannan Wang, and Guancheng Li"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": ": Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (core modules).\u003cp\u003e This vulnerability is associated with program files G3413CTRBlockCipher.\u003c/p\u003e\u003cp\u003eThis issue affects BC-JAVA: from 1.59 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.\u003c/p\u003e"
                }
              ],
              "value": ": Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (core modules).\n\n This vulnerability is associated with program files G3413CTRBlockCipher.\n\n\n\nThis issue affects BC-JAVA: from 1.59 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "RED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/RE:M/U:Red",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-327",
                  "description": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-18T23:15:49.105Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%9014813"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/bcgit/bc-java/commit/b42574345414e4b7c8051b16fa1fafe01c29871f"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/bcgit/bc-java/commit/701686cb0184cd9ae103c801b3581fdf95c6d4f3"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "GOSTCTR implementation unable to process more than 255 blocks correctly",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2025-14813",
        "datePublished": "2026-04-15T08:56:34.057Z",
        "dateReserved": "2025-12-17T00:17:44.229Z",
        "dateUpdated": "2026-06-30T12:07:23.569Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-12194 (GCVE-0-2025-12194)

    Vulnerability from nvd – Published: 2025-10-24 22:51 – Updated: 2025-10-27 15:21
    VLAI
    Summary
    Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCFB.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeGCM.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/SHA256NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeEngine.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCBC.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCTR.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCFB.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCM.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeEngine.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCBC.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCMSIV.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCCM.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCTR.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA256NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA224NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA3NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHAKENativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA512NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA384NativeDigest.Java. This issue affects Bouncy Castle for Java FIPS: from 2.1.0 through 2.1.1; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-12194",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-27T15:21:29.159919Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-27T15:21:41.167Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bc-fips",
              "platforms": [
                "All"
              ],
              "product": "Bouncy Castle for Java FIPS",
              "programFiles": [
                "core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCFB.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeGCM.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/fips/SHA256NativeDigest.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeEngine.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCBC.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCTR.java"
              ],
              "repo": "ssh://bcgit@git.bouncycastle.org:bc-fips-2.1.X-java.git",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "2.1.1",
                  "status": "affected",
                  "version": "2.1.0",
                  "versionType": "maven"
                }
              ]
            },
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bcprov-lts8on",
              "platforms": [
                "All"
              ],
              "product": "Bouncy Castle for Java LTS",
              "programFiles": [
                "core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCFB.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCM.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeEngine.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCBC.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCMSIV.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCCM.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCTR.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA256NativeDigest.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA224NativeDigest.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA3NativeDigest.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHAKENativeDigest.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA512NativeDigest.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA384NativeDigest.java"
              ],
              "repo": "https://github.com/bcgit/bc-lts-java",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "2.73.7",
                  "status": "affected",
                  "version": "2.73.0",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:legion_of_the_bouncy_castle_inc.:bouncy_castle_for_java_fips:*:*:all:*:*:*:*:*",
                      "versionEndIncluding": "2.1.1",
                      "versionStartIncluding": "2.1.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:legion_of_the_bouncy_castle_inc.:bouncy_castle_for_java_lts:*:*:all:*:*:*:*:*",
                      "versionEndIncluding": "2.73.7",
                      "versionStartIncluding": "2.73.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCFB.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeGCM.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/fips/SHA256NativeDigest.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeEngine.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCBC.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCTR.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCFB.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCM.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeEngine.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCBC.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCMSIV.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCCM.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCTR.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA256NativeDigest.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA224NativeDigest.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA3NativeDigest.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHAKENativeDigest.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA512NativeDigest.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA384NativeDigest.Java\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects Bouncy Castle for Java FIPS: from 2.1.0 through 2.1.1; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7.\u003c/p\u003e"
                }
              ],
              "value": "Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCFB.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeGCM.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/SHA256NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeEngine.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCBC.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCTR.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCFB.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCM.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeEngine.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCBC.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCMSIV.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCCM.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCTR.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA256NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA224NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA3NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHAKENativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA512NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA384NativeDigest.Java.\n\nThis issue affects Bouncy Castle for Java FIPS: from 2.1.0 through 2.1.1; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "PRESENT",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "CONCENTRATED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:P/AU:N/R:U/V:C/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-24T23:01:19.091Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%9012194"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2025-12194",
        "datePublished": "2025-10-24T22:51:36.942Z",
        "dateReserved": "2025-10-24T20:54:20.444Z",
        "dateUpdated": "2025-10-27T15:21:41.167Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-9340 (GCVE-0-2025-9340)

    Vulnerability from nvd – Published: 2025-08-22 09:39 – Updated: 2025-08-22 10:37
    VLAI
    Title
    native encrypt/decrypt operations in JCE may corrupt data if same byte array used for input and output.
    Summary
    Out-of-bounds Write vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bc-fips on All (API modules). This vulnerability is associated with program files org/bouncycastle/jcajce/provider/BaseCipher. This issue affects Bouncy Castle for Java: from BC-FJA 2.1.0 through 2.1.0.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Legion of the Bouncy Castle Inc. Bouncy Castle for Java Affected: BC-FJA 2.1.0 , ≤ 2.1.0 (maven)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-9340",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-22T10:37:04.005071Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-22T10:37:18.585Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bc-fips",
              "platforms": [
                "All"
              ],
              "product": "Bouncy Castle for Java",
              "programFiles": [
                "org/bouncycastle/jcajce/provider/BaseCipher"
              ],
              "repo": "ssh://bcgit@git.bouncycastle.org:bc-fips-2.1.X-java.git",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "2.1.0",
                  "status": "affected",
                  "version": "BC-FJA 2.1.0",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Out-of-bounds Write vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bc-fips on All (API modules).\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003eorg/bouncycastle/jcajce/provider/BaseCipher\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects Bouncy Castle for Java: from BC-FJA 2.1.0 through 2.1.0.\u003c/p\u003e"
                }
              ],
              "value": "Out-of-bounds Write vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bc-fips on All (API modules). This vulnerability is associated with program files org/bouncycastle/jcajce/provider/BaseCipher.\n\nThis issue affects Bouncy Castle for Java: from BC-FJA 2.1.0 through 2.1.0."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "USER",
                "Safety": "NEGLIGIBLE",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "PHYSICAL",
                "baseScore": 0,
                "baseSeverity": "NONE",
                "privilegesRequired": "LOW",
                "providerUrgency": "GREEN",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/S:N/R:U/RE:M/U:Green",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787 Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-22T09:39:47.303Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%909340"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "native encrypt/decrypt operations in JCE may corrupt data if same byte array used for input and output.",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "This can be coded around by avoiding operations in place when dealing with aes-native encryption/decryption."
                }
              ],
              "value": "This can be coded around by avoiding operations in place when dealing with aes-native encryption/decryption."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2025-9340",
        "datePublished": "2025-08-22T09:39:47.303Z",
        "dateReserved": "2025-08-22T08:45:05.505Z",
        "dateUpdated": "2025-08-22T10:37:18.585Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-9341 (GCVE-0-2025-9341)

    Vulnerability from nvd – Published: 2025-08-22 09:09 – Updated: 2025-10-24 22:40
    VLAI
    Title
    Garbage collection can delay for AES CBC Native support, resulting in heap exhaustion
    Summary
    Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files org/bouncycastle/crypto/fips/AESNativeCBC.Java, org/bouncycastle/crypto/engines/AESNativeCBC.Java. This issue affects Bouncy Castle for Java FIPS: 2.1.0; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-9341",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-22T10:37:49.400627Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-22T10:38:07.000Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bc-fips",
              "platforms": [
                "All"
              ],
              "product": "Bouncy Castle for Java FIPS",
              "programFiles": [
                "org/bouncycastle/crypto/fips/AESNativeCBC.java"
              ],
              "repo": "ssh://bcgit@git.bouncycastle.org:bc-fips-2.1.X-java.git",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.1.0",
                  "versionType": "maven"
                }
              ]
            },
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bcprov-lts8on",
              "platforms": [
                "All"
              ],
              "product": "Bouncy Castle for Java LTS",
              "programFiles": [
                "org/bouncycastle/crypto/engines/AESNativeCBC.java"
              ],
              "repo": "https://github.com/bcgit/bc-lts-java",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "2.73.7",
                  "status": "affected",
                  "version": "2.73.0",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Vulnerability requires rapid creation of short term native CBC services. Issue appears to only occur with some versions of the JVM garbage collector."
                }
              ],
              "value": "Vulnerability requires rapid creation of short term native CBC services. Issue appears to only occur with some versions of the JVM garbage collector."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:legion_of_the_bouncy_castle_inc.:bouncy_castle_for_java_fips:2.1.0:*:all:*:*:*:*:*",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:legion_of_the_bouncy_castle_inc.:bouncy_castle_for_java_lts:*:*:all:*:*:*:*:*",
                      "versionEndIncluding": "2.73.7",
                      "versionStartIncluding": "2.73.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003eorg/bouncycastle/crypto/fips/AESNativeCBC.Java\u003c/tt\u003e, \u003ctt\u003eorg/bouncycastle/crypto/engines/AESNativeCBC.Java\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects Bouncy Castle for Java FIPS: 2.1.0; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7.\u003c/p\u003e"
                }
              ],
              "value": "Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files org/bouncycastle/crypto/fips/AESNativeCBC.Java, org/bouncycastle/crypto/engines/AESNativeCBC.Java.\n\nThis issue affects Bouncy Castle for Java FIPS: 2.1.0; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "PRESENT",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "CONCENTRATED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:P/AU:N/R:U/V:C/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-24T22:40:33.075Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%909341"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Garbage collection can delay for AES CBC Native support, resulting in heap exhaustion",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A system that cannot be updated can be made safe by booting the module in java mode and disabling AES-NI support."
                }
              ],
              "value": "A system that cannot be updated can be made safe by booting the module in java mode and disabling AES-NI support."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2025-9341",
        "datePublished": "2025-08-22T09:09:17.111Z",
        "dateReserved": "2025-08-22T08:45:19.734Z",
        "dateUpdated": "2025-10-24T22:40:33.075Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-9092 (GCVE-0-2025-9092)

    Vulnerability from nvd – Published: 2025-08-16 10:29 – Updated: 2025-08-18 18:08
    VLAI
    Title
    Hybrid Module Deployment in Multi-JVM Environments Leading to Resource Exhaustion
    Summary
    Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips (API modules) allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader. This issue affects Bouncy Castle for Java - BC-FJA 2.1.0: from BC-FJA 2.1.0 through 2.1.0.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-9092",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-18T18:08:27.146804Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-18T18:08:35.298Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bc-fips",
              "platforms": [
                "All"
              ],
              "product": "Bouncy Castle for Java - BC-FJA 2.1.0",
              "programFiles": [
                "org.bouncycastle.crypto.fips.NativeLoader"
              ],
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "2.1.0",
                  "status": "affected",
                  "version": "BC-FJA 2.1.0",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips (API modules) allows Excessive Allocation.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003eorg.Bouncycastle.Crypto.Fips.NativeLoader\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects Bouncy Castle for Java - BC-FJA 2.1.0: from BC-FJA 2.1.0 through 2.1.0.\u003c/p\u003e"
                }
              ],
              "value": "Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips (API modules) allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader.\n\nThis issue affects Bouncy Castle for Java - BC-FJA 2.1.0: from BC-FJA 2.1.0 through 2.1.0."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 1,
                "baseSeverity": "LOW",
                "privilegesRequired": "HIGH",
                "providerUrgency": "GREEN",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/R:U/RE:L/U:Green",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-16T10:29:59.417Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%909092"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Hybrid Module Deployment in Multi-JVM Environments Leading to Resource Exhaustion",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Strictly limit the number of JVMs providing services based on BC-FJA 2.1.0 so that effective monitoring and cleanup is possible on the server involved, alternately ensure the module is configured to write its files for native support to a file system with sufficient capacity.\u003cbr\u003e"
                }
              ],
              "value": "Strictly limit the number of JVMs providing services based on BC-FJA 2.1.0 so that effective monitoring and cleanup is possible on the server involved, alternately ensure the module is configured to write its files for native support to a file system with sufficient capacity."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2025-9092",
        "datePublished": "2025-08-16T10:29:59.417Z",
        "dateReserved": "2025-08-16T10:06:21.717Z",
        "dateUpdated": "2025-08-18T18:08:35.298Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-8916 (GCVE-0-2025-8916)

    Vulnerability from nvd – Published: 2025-08-13 09:31 – Updated: 2026-05-12 12:02
    VLAI
    Title
    Possible DOS in processing large name constraint structures in PKIXCertPathReveiwer
    Summary
    Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All (API modules), Legion of the Bouncy Castle Inc. BC Java bcprov on All (API modules), Legion of the Bouncy Castle Inc. BCPKIX FIPS bcpkix-fips on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertPathReviewer.Java, https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.Java. This issue affects BC Java: from 1.44 through 1.78; BC Java: from 1.44 through 1.78; BCPKIX FIPS: from 1.0.0 through 1.0.7, from 2.0.0 through 2.0.7.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    Impacted products
    Vendor Product Version
    Legion of the Bouncy Castle Inc. BC Java Affected: 1.44 , ≤ 1.78 (maven)
    Create a notification for this product.
    Legion of the Bouncy Castle Inc. BCPKIX FIPS Affected: 1.0.0 , ≤ 1.0.7 (maven)
    Affected: 2.0.0 , ≤ 2.0.7 (maven)
    Create a notification for this product.
    Siemens SIMATIC CN 4100 Affected: 0 , < V5.0 (custom)
    Create a notification for this product.
    Credits
    Bing Shi
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-8916",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-13T13:13:37.616496Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-13T13:13:54.247Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC CN 4100",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V5.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-12T12:02:38.443Z",
              "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
              "shortName": "siemens-SADP"
            },
            "references": [
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-032379.html"
              }
            ],
            "x_adpType": "supplier"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bcpkix",
              "platforms": [
                "All"
              ],
              "product": "BC Java",
              "programFiles": [
                "https://github.com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertPathReviewer.java"
              ],
              "repo": "https://github.com/bcgit/bc-java",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "1.78",
                  "status": "affected",
                  "version": "1.44",
                  "versionType": "maven"
                }
              ]
            },
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bcprov",
              "platforms": [
                "All"
              ],
              "product": "BC Java",
              "programFiles": [
                "https://github.com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.java"
              ],
              "repo": "https://github.com/bcgit/bc-java",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "1.78",
                  "status": "affected",
                  "version": "1.44",
                  "versionType": "maven"
                }
              ]
            },
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bcpkix-fips",
              "platforms": [
                "All"
              ],
              "product": "BCPKIX FIPS",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "1.0.7",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "maven"
                },
                {
                  "lessThanOrEqual": "2.0.7",
                  "status": "affected",
                  "version": "2.0.0",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "For an attack to take place the PKIXCertPathReviewer class must be in use by the application under attack and the class must be consuming certificate paths of unknown origin without any form of other validation."
                }
              ],
              "value": "For an attack to take place the PKIXCertPathReviewer class must be in use by the application under attack and the class must be consuming certificate paths of unknown origin without any form of other validation."
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Bing Shi"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All (API modules), Legion of the Bouncy Castle Inc. BC Java bcprov on All (API modules), Legion of the Bouncy Castle Inc. BCPKIX FIPS bcpkix-fips on All (API modules) allows Excessive Allocation.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003ehttps://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertPathReviewer.Java\u003c/tt\u003e, \u003ctt\u003ehttps://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.Java\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects BC Java: from 1.44 through 1.78; BC Java: from 1.44 through 1.78; BCPKIX FIPS: from 1.0.0 through 1.0.7, from 2.0.0 through 2.0.7.\u003c/p\u003e"
                }
              ],
              "value": "Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All (API modules), Legion of the Bouncy Castle Inc. BC Java bcprov on All (API modules), Legion of the Bouncy Castle Inc. BCPKIX FIPS bcpkix-fips on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertPathReviewer.Java, https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.Java.\n\nThis issue affects BC Java: from 1.44 through 1.78; BC Java: from 1.44 through 1.78; BCPKIX FIPS: from 1.0.0 through 1.0.7, from 2.0.0 through 2.0.7."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "USER",
                "Safety": "PRESENT",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-12T11:17:08.609Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908916"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Possible DOS in processing large name constraint structures in PKIXCertPathReveiwer",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Limiting the size of ASN.1 objects that can be loaded from \"the wild\" will mitigate the risk of an exploit by automatically putting a cap on the maximum size of a Name Constraints structure."
                }
              ],
              "value": "Limiting the size of ASN.1 objects that can be loaded from \"the wild\" will mitigate the risk of an exploit by automatically putting a cap on the maximum size of a Name Constraints structure."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2025-8916",
        "datePublished": "2025-08-13T09:31:21.181Z",
        "dateReserved": "2025-08-13T08:52:38.480Z",
        "dateUpdated": "2026-05-12T12:02:38.443Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-8885 (GCVE-0-2025-8885)

    Vulnerability from nvd – Published: 2025-08-12 09:13 – Updated: 2025-09-12 11:09
    VLAI
    Title
    Possible DOS in processing specially formed ASN.1 Object Identifiers
    Summary
    Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcprov on All (API modules), Legion of the Bouncy Castle Inc. BC-FJA bc-fips on All allows Excessive Allocation. This vulnerability is associated with program files https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdenti... https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.Java . This issue affects BC Java: from 1.0 through 1.77; BC-FJA: from 1.0.0 through 1.0.2.5, from 2.0.0 through 2.0.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    Impacted products
    Vendor Product Version
    Legion of the Bouncy Castle Inc. BC Java Affected: 1.0 , ≤ 1.77 (maven)
    Create a notification for this product.
    Legion of the Bouncy Castle Inc. BC-FJA Affected: 1.0.0 , ≤ 1.0.2.5 (maven)
    Affected: 2.0.0 , ≤ 2.0.1 (maven)
    Create a notification for this product.
    Credits
    Bing Shi
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-8885",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-12T18:14:28.953244Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-12T18:14:43.796Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bcprov",
              "platforms": [
                "All"
              ],
              "product": "BC Java",
              "programFiles": [
                "https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java"
              ],
              "repo": "https://github.com/bcgit/bc-java",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "1.77",
                  "status": "affected",
                  "version": "1.0",
                  "versionType": "maven"
                }
              ]
            },
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bc-fips",
              "platforms": [
                "All"
              ],
              "product": "BC-FJA",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "1.0.2.5",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "maven"
                },
                {
                  "lessThanOrEqual": "2.0.1",
                  "status": "affected",
                  "version": "2.0.0",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "To be exposed to the issue a system needs to be consuming ASN.1 structures which are otherwise unvetted or unvalidated."
                }
              ],
              "value": "To be exposed to the issue a system needs to be consuming ASN.1 structures which are otherwise unvetted or unvalidated."
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Bing Shi"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcprov on All (API modules), Legion of the Bouncy Castle Inc. BC-FJA bc-fips on All allows Excessive Allocation.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.Java\"\u003ehttps://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdenti...\u003c/a\u003e\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects BC Java: from 1.0 through 1.77; BC-FJA: from 1.0.0 through 1.0.2.5, from 2.0.0 through 2.0.1.\u003c/p\u003e"
                }
              ],
              "value": "Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcprov on All (API modules), Legion of the Bouncy Castle Inc. BC-FJA bc-fips on All allows Excessive Allocation. This vulnerability is associated with program files  https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdenti... https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.Java .\n\nThis issue affects BC Java: from 1.0 through 1.77; BC-FJA: from 1.0.0 through 1.0.2.5, from 2.0.0 through 2.0.1."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "USER",
                "Safety": "PRESENT",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-12T11:09:08.850Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908885"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Possible DOS in processing specially formed ASN.1 Object Identifiers",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Limiting the size of ASN.1 objects that can be loaded from \"the wild\", or putting in place some other validation for such objects, will mitigate the risk of an exploit by automatically putting a cap on the maximum size of an ASN.1 OBJECT IDENTIFIER.\u0026nbsp;"
                }
              ],
              "value": "Limiting the size of ASN.1 objects that can be loaded from \"the wild\", or putting in place some other validation for such objects, will mitigate the risk of an exploit by automatically putting a cap on the maximum size of an ASN.1 OBJECT IDENTIFIER."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2025-8885",
        "datePublished": "2025-08-12T09:13:42.770Z",
        "dateReserved": "2025-08-12T08:07:48.262Z",
        "dateUpdated": "2025-09-12T11:09:08.850Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-8149 (GCVE-0-2026-8149)

    Vulnerability from cvelistv5 – Published: 2026-05-08 06:01 – Updated: 2026-05-18 23:39
    VLAI
    Title
    GCM chunking can lead to bad tag exception on decryption
    Summary
    A vulnerability in Legion of the Bouncy Castle Inc. BC-LTS on Linux, X86_64, AVX, AVX-512f. This vulnerability is associated with program files gcm128w, gcm512w. This issue affects BC-LTS: from 2.73.0 before 2.73.11.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Legion of the Bouncy Castle Inc. BC-LTS Affected: 2.73.0 , < 2.73.11 (maven)
    Create a notification for this product.
    Credits
    Michael Schäfer, Kiteworks
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8149",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T12:50:54.859989Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T12:51:03.873Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java-fips/",
              "defaultStatus": "unaffected",
              "packageName": "BC-LTS",
              "platforms": [
                "Linux",
                "X86_64",
                "AVX",
                "AVX-512f"
              ],
              "product": "BC-LTS",
              "programFiles": [
                "gcm128w",
                "gcm512w"
              ],
              "repo": "https://repo1.maven.org/maven2/org/bouncycastle/bcprov-lts18on",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThan": "2.73.11",
                  "status": "affected",
                  "version": "2.73.0",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Michael Sch\u00e4fer, Kiteworks"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A vulnerability in Legion of the Bouncy Castle Inc. BC-LTS on Linux, X86_64, AVX, AVX-512f.\u003cp\u003e This vulnerability is associated with program files gcm128w, gcm512w.\u003c/p\u003e\u003cp\u003eThis issue affects BC-LTS: from 2.73.0 before 2.73.11.\u003c/p\u003e"
                }
              ],
              "value": "A vulnerability in Legion of the Bouncy Castle Inc. BC-LTS on Linux, X86_64, AVX, AVX-512f.\n\n This vulnerability is associated with program files gcm128w, gcm512w.\n\n\n\nThis issue affects BC-LTS: from 2.73.0 before 2.73.11."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NEGLIGIBLE",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:N/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1068",
                  "description": "CWE-1068",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-18T23:39:06.506Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%908149"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "GCM chunking can lead to bad tag exception on decryption",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "If possible pass whole message to GCM via doFinal(..) for decryption. Issue only occurs when decryption is chunked at certain boundaries."
                }
              ],
              "value": "If possible pass whole message to GCM via doFinal(..) for decryption. Issue only occurs when decryption is chunked at certain boundaries."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2026-8149",
        "datePublished": "2026-05-08T06:01:40.875Z",
        "dateReserved": "2026-05-08T05:23:49.585Z",
        "dateUpdated": "2026-05-18T23:39:06.506Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3505 (GCVE-0-2026-3505)

    Vulnerability from cvelistv5 – Published: 2026-04-15 09:06 – Updated: 2026-06-30 12:09
    VLAI
    Title
    Unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion.
    Summary
    Allocation of resources without limits or throttling, Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all (pg modules). This vulnerability is associated with program files AEADEncDataPacket.Java, BcAEADUtil.Java, JceAEADUtil.Java, OperatorHelper.Java. This issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of resources without limits or throttling
    • CWE-400 - Uncontrolled Resource Consumption
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    Impacted products
    Vendor Product Version
    Legion of the Bouncy Castle Inc. BC-JAVA Affected: 1.74 , < 1.80.2 (maven)
    Affected: 1.81 , < 1.81.1 (maven)
    Affected: 1.82 , < 1.84 (maven)
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 8.1 for RHEL 8     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 8.1 for RHEL 9     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat Build of Apache Camel 4.14 for Quarkus 3.27     cpe:/a:redhat:apache_camel_quarkus:3.27
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14     cpe:/a:redhat:apache_camel_spring_boot:4.18
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat Red Hat AMQ Clients     cpe:/a:redhat:amq_clients:2023
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4 for Quarkus 3     cpe:/a:redhat:camel_quarkus:3
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat Fuse 7     cpe:/a:redhat:jboss_fuse:7
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 7     cpe:/a:redhat:jboss_enterprise_application_platform:7
    Create a notification for this product.
    Red Hat Red Hat Process Automation 7     cpe:/a:redhat:jboss_enterprise_bpms_platform:7
    Create a notification for this product.
    Red Hat Red Hat Single Sign-On 7     cpe:/a:redhat:red_hat_single_sign_on:7
    Create a notification for this product.
    Red Hat Red Hat Data Grid 8     cpe:/a:redhat:jboss_data_grid:8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack     cpe:/a:redhat:jbosseapxp
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat streams for Apache Kafka 2     cpe:/a:redhat:amq_streams:2
    Create a notification for this product.
    Red Hat streams for Apache Kafka 3     cpe:/a:redhat:amq_streams:3
    Create a notification for this product.
    Credits
    Disclosure <disclosure@aisle.com>
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3505",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-15T13:10:48.791999Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-15T13:10:55.206Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 8.1 for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 8.1 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apache_camel_quarkus:3.27"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Build of Apache Camel 4.14 for Quarkus 3.27",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apache_camel_spring_boot:4.18"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_clients:2023"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat AMQ Clients",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:camel_quarkus:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apache Camel 4 for Quarkus 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_fuse:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Fuse 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss Enterprise Application Platform 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Process Automation 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:red_hat_single_sign_on:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Single Sign-On 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_data_grid:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Data Grid 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2"
                ],
                "defaultStatus": "unaffected",
                "product": "streams for Apache Kafka 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "unaffected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-15T09:06:37.939Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcpg. A specially crafted PGP AEAD (Authenticated Encryption with Associated Data) message with an unbounded chunk size can lead to an excessive consumption of memory. This issue allows an unauthenticated remote attacker to cause memory exhaustion in a JVM, resulting in a denial of service."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-770",
                    "description": "Allocation of Resources Without Limits or Throttling",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:09:25.714Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-3505"
              },
              {
                "name": "RHBZ#2458638",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458638"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3505.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18054"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18055"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13631"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18059"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:17668"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:18054: Red Hat JBoss EAP 8.1 for RHEL 8"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18055: Red Hat JBoss EAP 8.1 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13631: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18059: Red Hat JBoss Enterprise Application Platform 8.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:17668: Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-15T10:01:17.415Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-15T09:06:37.939Z",
                "value": "Made public."
              }
            ],
            "title": "bouncycastle: BC-JAVA: unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion",
            "workarounds": [
              {
                "lang": "en",
                "value": "To mitigate this vulnerability, enforce payload size limits on all incoming PGP messages before processing them. Additionally, apply memory quotas to the JVM or container environment to prevent a complete system outage in the event of memory exhaustion."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java/",
              "defaultStatus": "unaffected",
              "modules": [
                "pg"
              ],
              "packageName": "bcpg",
              "platforms": [
                "all"
              ],
              "product": "BC-JAVA",
              "programFiles": [
                "AEADEncDataPacket.java",
                "BcAEADUtil.java",
                "JceAEADUtil.java",
                "OperatorHelper.java"
              ],
              "repo": "https://github.com/bcgit/bc-java",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThan": "1.80.2",
                  "status": "affected",
                  "version": "1.74",
                  "versionType": "maven"
                },
                {
                  "lessThan": "1.81.1",
                  "status": "affected",
                  "version": "1.81",
                  "versionType": "maven"
                },
                {
                  "lessThan": "1.84",
                  "status": "affected",
                  "version": "1.82",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Disclosure \u003cdisclosure@aisle.com\u003e"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Allocation of resources without limits or throttling, Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all (pg modules).\u003cp\u003e This vulnerability is associated with program files AEADEncDataPacket.Java, BcAEADUtil.Java, JceAEADUtil.Java, OperatorHelper.Java.\u003c/p\u003e\u003cp\u003eThis issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.\u003c/p\u003e"
                }
              ],
              "value": "Allocation of resources without limits or throttling, Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all (pg modules).\n\n This vulnerability is associated with program files AEADEncDataPacket.Java, BcAEADUtil.Java, JceAEADUtil.Java, OperatorHelper.Java.\n\n\n\nThis issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of resources without limits or throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-18T23:21:21.526Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%903505"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/bcgit/bc-java/commit/dc7530939ffb6cdb57636f3609d98e23b94e71c1"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion.",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2026-3505",
        "datePublished": "2026-04-15T09:06:37.939Z",
        "dateReserved": "2026-03-04T00:44:50.028Z",
        "dateUpdated": "2026-06-30T12:09:25.714Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5588 (GCVE-0-2026-5588)

    Vulnerability from cvelistv5 – Published: 2026-04-15 09:06 – Updated: 2026-06-30 12:11
    VLAI
    Title
    PKIX draft CompositeVerifier accepts empty signature sequence as valid.
    Summary
    Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules), Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All (pkix modules), Legion of the Bouncy Castle Inc. BCPIX-LTS bcpkix on All (pkix modules). This vulnerability is associated with program files JcaContentVerifierProviderBuilder.Java, JcaContentVerfierProviderBuilder.Java. This issue affects BC-JAVA: from 1.67 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84; BCPKIX-FIPS: from 2.0.6 before 2.0.11, from 2.1.7 before 2.1.11; BCPIX-LTS: from 2.73.7 before 2.73.11.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
    • CWE-347 - Improper Verification of Cryptographic Signature
    Assigner
    Impacted products
    Vendor Product Version
    Legion of the Bouncy Castle Inc. BC-JAVA Affected: 1.67 , < 1.80.2 (maven)
    Affected: 1.81 , < 1.81.1 (maven)
    Affected: 1.82 , < 1.84 (maven)
    Create a notification for this product.
    Legion of the Bouncy Castle Inc. BCPKIX-FIPS Affected: 2.0.6 , < 2.0.11 (maven)
    Affected: 2.1.7 , < 2.1.11 (maven)
    Create a notification for this product.
    Legion of the Bouncy Castle Inc. BCPIX-LTS Affected: 2.73.7 , < 2.73.11 (maven)
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 8.1 for RHEL 8     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 8.1 for RHEL 9     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7.12.7     cpe:/a:redhat:amq_broker:7.12
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7.13.5     cpe:/a:redhat:amq_broker:7.13
    Create a notification for this product.
    Red Hat Red Hat Build of Apache Camel 4.14 for Quarkus 3.27     cpe:/a:redhat:apache_camel_quarkus:3.27
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces 3.28     cpe:/a:redhat:openshift_devspaces:3.28::el9
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14     cpe:/a:redhat:apache_camel_spring_boot:4.18
    Create a notification for this product.
    Red Hat Red Hat build of Quarkus 3.20.6.SP1     cpe:/a:redhat:quarkus:3.20::el8
    Create a notification for this product.
    Red Hat Red Hat build of Quarkus 3.27.3.SP1     cpe:/a:redhat:quarkus:3.27::el8
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4 for Quarkus 3     cpe:/a:redhat:camel_quarkus:3
    Create a notification for this product.
    Red Hat Red Hat build of Apicurio Registry 3     cpe:/a:redhat:apicurio_registry:3
    Create a notification for this product.
    Red Hat Red Hat build of Debezium 3     cpe:/a:redhat:debezium:3
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Fuse 7     cpe:/a:redhat:jboss_fuse:7
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 7     cpe:/a:redhat:jboss_enterprise_application_platform:7
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Create a notification for this product.
    Red Hat Red Hat Process Automation 7     cpe:/a:redhat:jboss_enterprise_bpms_platform:7
    Create a notification for this product.
    Red Hat Red Hat Single Sign-On 7     cpe:/a:redhat:red_hat_single_sign_on:7
    Create a notification for this product.
    Red Hat Cryostat 4     cpe:/a:redhat:cryostat:4
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7     cpe:/a:redhat:amq_broker:7
    Create a notification for this product.
    Red Hat Red Hat Data Grid 8     cpe:/a:redhat:jboss_data_grid:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack     cpe:/a:redhat:jbosseapxp
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat streams for Apache Kafka 2     cpe:/a:redhat:amq_streams:2
    Create a notification for this product.
    Red Hat streams for Apache Kafka 3     cpe:/a:redhat:amq_streams:3
    Create a notification for this product.
    Credits
    Nicholas Carlini using Claude, Anthropic
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5588",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-15T19:35:32.235455Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-15T19:35:40.662Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 8.1 for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 8.1 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7.12"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat AMQ Broker 7.12.7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7.13"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat AMQ Broker 7.13.5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apache_camel_quarkus:3.27"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Build of Apache Camel 4.14 for Quarkus 3.27",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3.28::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Spaces 3.28",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apache_camel_spring_boot:4.18"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quarkus:3.20::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Quarkus 3.20.6.SP1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quarkus:3.27::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Quarkus 3.27.3.SP1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:camel_quarkus:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apache Camel 4 for Quarkus 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apicurio_registry:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apicurio Registry 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:debezium:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Debezium 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_fuse:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Fuse 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss Enterprise Application Platform 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Process Automation 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:red_hat_single_sign_on:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Single Sign-On 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cryostat:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Cryostat 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat AMQ Broker 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_data_grid:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Data Grid 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2"
                ],
                "defaultStatus": "unaffected",
                "product": "streams for Apache Kafka 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "unaffected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-15T09:06:15.617Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix. The PKIX draft `CompositeVerifier` implementation improperly accepts an empty signature sequence as a valid cryptographic signature. This issue allows a remote attacker to bypass signature verification mechanisms, potentially compromising the authenticity and integrity of data."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-347",
                    "description": "Improper Verification of Cryptographic Signature",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:11:15.811Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-5588"
              },
              {
                "name": "RHBZ#2458634",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458634"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5588.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18054"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18055"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14276"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14272"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13631"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18059"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21772"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:17668"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11720"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11721"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:18054: Red Hat JBoss EAP 8.1 for RHEL 8"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18055: Red Hat JBoss EAP 8.1 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14276: Red Hat AMQ Broker 7.12.7"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14272: Red Hat AMQ Broker 7.13.5"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13631: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18059: Red Hat JBoss Enterprise Application Platform 8.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21772: Red Hat OpenShift Dev Spaces 3.28"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:17668: Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11720: Red Hat build of Quarkus 3.20.6.SP1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11721: Red Hat build of Quarkus 3.27.3.SP1"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-15T10:00:59.672Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-15T09:06:15.617Z",
                "value": "Made public."
              }
            ],
            "title": "bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid",
            "workarounds": [
              {
                "lang": "en",
                "value": "To mitigate this flaw, check that the signature sequence is not empty before passing any data to the CompositeVerifier for cryptographic validation. If the sequence is empty or null, explicitly reject the payload before it is processed."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java/",
              "defaultStatus": "unaffected",
              "modules": [
                "pkix"
              ],
              "packageName": "bcpkix",
              "platforms": [
                "all"
              ],
              "product": "BC-JAVA",
              "programFiles": [
                "JcaContentVerifierProviderBuilder.java"
              ],
              "repo": "https://github.com/bcgit/bc-java",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThan": "1.80.2",
                  "status": "affected",
                  "version": "1.67",
                  "versionType": "maven"
                },
                {
                  "lessThan": "1.81.1",
                  "status": "affected",
                  "version": "1.81",
                  "versionType": "maven"
                },
                {
                  "lessThan": "1.84",
                  "status": "affected",
                  "version": "1.82",
                  "versionType": "maven"
                }
              ]
            },
            {
              "collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java-fips/",
              "defaultStatus": "unaffected",
              "modules": [
                "pkix"
              ],
              "packageName": "bcpkix",
              "platforms": [
                "All"
              ],
              "product": "BCPKIX-FIPS",
              "programFiles": [
                "JcaContentVerifierProviderBuilder.java"
              ],
              "repo": "https://repo1.maven.org/maven2/org/bouncycastle/bcpkix-fips/",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThan": "2.0.11",
                  "status": "affected",
                  "version": "2.0.6",
                  "versionType": "maven"
                },
                {
                  "lessThan": "2.1.11",
                  "status": "affected",
                  "version": "2.1.7",
                  "versionType": "maven"
                }
              ]
            },
            {
              "collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java-lts/",
              "defaultStatus": "unaffected",
              "modules": [
                "pkix"
              ],
              "packageName": "bcpkix",
              "platforms": [
                "All"
              ],
              "product": "BCPIX-LTS",
              "programFiles": [
                "JcaContentVerfierProviderBuilder.java"
              ],
              "repo": "https://repo1.maven.org/maven2/org/bouncycastle/bcpkix-lts8on/",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThan": "2.73.11",
                  "status": "affected",
                  "version": "2.73.7",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Nicholas Carlini using Claude, Anthropic"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules), Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All (pkix modules), Legion of the Bouncy Castle Inc. BCPIX-LTS bcpkix on All (pkix modules).\u003cp\u003e This vulnerability is associated with program files JcaContentVerifierProviderBuilder.Java, JcaContentVerfierProviderBuilder.Java.\u003c/p\u003e\u003cp\u003eThis issue affects BC-JAVA: from 1.67 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84; BCPKIX-FIPS: from 2.0.6 before 2.0.11, from 2.1.7 before 2.1.11; BCPIX-LTS: from 2.73.7 before 2.73.11.\u003c/p\u003e"
                }
              ],
              "value": "Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules), Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All (pkix modules), Legion of the Bouncy Castle Inc. BCPIX-LTS bcpkix on All (pkix modules).\n\n This vulnerability is associated with program files JcaContentVerifierProviderBuilder.Java, JcaContentVerfierProviderBuilder.Java.\n\n\n\nThis issue affects BC-JAVA: from 1.67 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84; BCPKIX-FIPS: from 2.0.6 before 2.0.11, from 2.1.7 before 2.1.11; BCPIX-LTS: from 2.73.7 before 2.73.11."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-327",
                  "description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-18T23:22:57.378Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905588"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/bcgit/bc-java/commit/656bae0dbd9b1521f840521ff786e78749fe3057"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "PKIX draft CompositeVerifier accepts empty signature sequence as valid.",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2026-5588",
        "datePublished": "2026-04-15T09:06:15.617Z",
        "dateReserved": "2026-04-04T23:50:59.336Z",
        "dateUpdated": "2026-06-30T12:11:15.811Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5598 (GCVE-0-2026-5598)

    Vulnerability from cvelistv5 – Published: 2026-04-15 09:05 – Updated: 2026-06-30 12:11
    VLAI
    Title
    Non-constant time comparisons risk private key leakage in FrodoKEM.
    Summary
    Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules). This vulnerability is associated with program files FrodoEngine.Java. This issue affects BC-JAVA: from 1.71 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Legion of the Bouncy Castle Inc. BC-JAVA Affected: 1.71 , < 1.80.2 (maven)
    Affected: 1.81 , < 1.81.1 (maven)
    Affected: 1.82 , < 1.84 (maven)
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 7.4 ELS for RHEL 7 Server     cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el7
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 7.4 ELS for RHEL 8     cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el8
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 8.1 for RHEL 8     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 7.4 ELS for RHEL 9     cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el9
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 8.1 for RHEL 9     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 7     cpe:/a:redhat:jboss_enterprise_application_platform:7
        cpe:/a:redhat:jboss_enterprise_application_platform:7.4
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat Fuse 7     cpe:/a:redhat:jboss_fuse:7
    Create a notification for this product.
    Red Hat Cryostat 4     cpe:/a:redhat:cryostat:4
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7     cpe:/a:redhat:amq_broker:7
    Create a notification for this product.
    Red Hat Red Hat AMQ Clients     cpe:/a:redhat:amq_clients:2023
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4 for Quarkus 3     cpe:/a:redhat:camel_quarkus:3
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel for Spring Boot 4     cpe:/a:redhat:camel_spring_boot:4
    Create a notification for this product.
    Red Hat Red Hat build of Apicurio Registry 3     cpe:/a:redhat:apicurio_registry:3
    Create a notification for this product.
    Red Hat Red Hat build of Debezium 2     cpe:/a:redhat:debezium:2
    Create a notification for this product.
    Red Hat Red Hat build of Debezium 3     cpe:/a:redhat:debezium:3
    Create a notification for this product.
    Red Hat Red Hat Build of Keycloak     cpe:/a:redhat:build_keycloak:
    Create a notification for this product.
    Red Hat Red Hat build of Quarkus     cpe:/a:redhat:quarkus:3
    Create a notification for this product.
    Red Hat Red Hat Data Grid 8     cpe:/a:redhat:jboss_data_grid:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8     cpe:/a:redhat:jboss_enterprise_application_platform:8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack     cpe:/a:redhat:jbosseapxp
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3
    Create a notification for this product.
    Red Hat Red Hat Process Automation 7     cpe:/a:redhat:jboss_enterprise_bpms_platform:7
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat Red Hat Single Sign-On 7     cpe:/a:redhat:red_hat_single_sign_on:7
    Create a notification for this product.
    Red Hat streams for Apache Kafka 2     cpe:/a:redhat:amq_streams:2
    Create a notification for this product.
    Red Hat streams for Apache Kafka 3     cpe:/a:redhat:amq_streams:3
    Create a notification for this product.
    Credits
    Cristina Dueñas Navarro (cristina.duenas@jtsec.es) Sunwoo Lee and Seunghyun Yoon, Korea Institute of Energy Technology (KENTECH)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5598",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-15T13:11:48.318645Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-15T13:11:53.444Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 7.4 ELS for RHEL 7 Server",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 7.4 ELS for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 8.1 for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 7.4 ELS for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 8.1 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:7",
                  "cpe:/a:redhat:jboss_enterprise_application_platform:7.4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss Enterprise Application Platform 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_fuse:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Fuse 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cryostat:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Cryostat 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "unaffected",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat AMQ Broker 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_clients:2023"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat AMQ Clients",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:camel_quarkus:3"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat build of Apache Camel 4 for Quarkus 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:camel_spring_boot:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat build of Apache Camel for Spring Boot 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apicurio_registry:3"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat build of Apicurio Registry 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:debezium:2"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat build of Debezium 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:debezium:3"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat build of Debezium 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:build_keycloak:"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Build of Keycloak",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quarkus:3"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat build of Quarkus",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_data_grid:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Data Grid 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat JBoss Enterprise Application Platform 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift Dev Spaces",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Process Automation 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:red_hat_single_sign_on:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Single Sign-On 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2"
                ],
                "defaultStatus": "unaffected",
                "product": "streams for Apache Kafka 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "unaffected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-15T09:05:56.277Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA core. A covert timing channel vulnerability, caused by non-constant time comparisons, risks the leakage of private keys in the FrodoKEM implementation. An unauthenticated, remote attacker can potentially exploit this timing discrepancy to gain unauthorized access to sensitive cryptographic information."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-385",
                    "description": "Covert Timing Channel",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:11:15.392Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-5598"
              },
              {
                "name": "RHBZ#2458635",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458635"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5598.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:12267"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18054"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18055"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:12269"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18059"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:12267: Red Hat JBoss EAP 7.4 ELS for RHEL 7 Server, Red Hat JBoss EAP 7.4 ELS for RHEL 8, Red Hat JBoss EAP 7.4 ELS for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18054: Red Hat JBoss EAP 8.1 for RHEL 8"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18055: Red Hat JBoss EAP 8.1 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:12269: Red Hat JBoss Enterprise Application Platform 7"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18059: Red Hat JBoss Enterprise Application Platform 8.1"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-15T10:01:04.531Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-15T09:05:56.277Z",
                "value": "Made public."
              }
            ],
            "title": "bouncycastle: BC-JAVA: private key leakage via non-constant time comparisons",
            "workarounds": [
              {
                "lang": "en",
                "value": "To mitigate this vulnerability, implement aggressive rate limiting and anomaly detection, specifically looking for unusual, high-frequency cryptographic handshake failures or anomalous traffic patterns targeting endpoints that handle key exchanges in the network logs."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java/",
              "defaultStatus": "unaffected",
              "modules": [
                "core"
              ],
              "packageName": "core",
              "platforms": [
                "all"
              ],
              "product": "BC-JAVA",
              "programFiles": [
                "FrodoEngine.java"
              ],
              "repo": "https://github.com/bcgit/bc-java",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThan": "1.80.2",
                  "status": "affected",
                  "version": "1.71",
                  "versionType": "maven"
                },
                {
                  "lessThan": "1.81.1",
                  "status": "affected",
                  "version": "1.81",
                  "versionType": "maven"
                },
                {
                  "lessThan": "1.84",
                  "status": "affected",
                  "version": "1.82",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Cristina Due\u00f1as Navarro (cristina.duenas@jtsec.es)"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Sunwoo Lee and Seunghyun Yoon, Korea Institute of Energy Technology (KENTECH)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules).\u003cp\u003e This vulnerability is associated with program files FrodoEngine.Java.\u003c/p\u003e\u003cp\u003eThis issue affects BC-JAVA: from 1.71 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.\u003c/p\u003e"
                }
              ],
              "value": "Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules).\n\n This vulnerability is associated with program files FrodoEngine.Java.\n\n\n\nThis issue affects BC-JAVA: from 1.71 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "NOT_DEFINED",
                "Safety": "PRESENT",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.9,
                "baseSeverity": "HIGH",
                "exploitMaturity": "UNREPORTED",
                "privilegesRequired": "NONE",
                "providerUrgency": "RED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/S:P/AU:Y/U:Red",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-385",
                  "description": "CWE-385 Covert timing channel",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-14T09:34:39.363Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905598"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/bcgit/bc-java/commit/94abbd56413dfdac651fd878bc60253871ef5e87"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/bcgit/bc-java/commit/8692e6b2b191fc4aafa32545c7a78bdb9bf110c5"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Non-constant time comparisons risk private key leakage in FrodoKEM.",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2026-5598",
        "datePublished": "2026-04-15T09:05:56.277Z",
        "dateReserved": "2026-04-05T07:25:44.930Z",
        "dateUpdated": "2026-06-30T12:11:15.392Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0636 (GCVE-0-2026-0636)

    Vulnerability from cvelistv5 – Published: 2026-04-15 08:59 – Updated: 2026-06-30 12:07
    VLAI
    Title
    LDAP Injection Vulnerability in LDAPStoreHelper.java
    Summary
    Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (prov modules). This vulnerability is associated with program files LDAPStoreHelper. This issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-90 - Improper neutralization of special elements used in an LDAP query ('LDAP injection')
    • CWE-90 - Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Legion of the Bouncy Castle Inc. BC-JAVA Affected: 1.74 , < 1.80.2 (maven)
    Affected: 1.81 , < 1.81.1 (maven)
    Affected: 1.82 , < 1.84 (maven)
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 8.1 for RHEL 8     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 8.1 for RHEL 9     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7.12.7     cpe:/a:redhat:amq_broker:7.12
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7.13.5     cpe:/a:redhat:amq_broker:7.13
    Create a notification for this product.
    Red Hat Red Hat Build of Apache Camel 4.14 for Quarkus 3.27     cpe:/a:redhat:apache_camel_quarkus:3.27
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces 3.28     cpe:/a:redhat:openshift_devspaces:3.28::el9
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14     cpe:/a:redhat:apache_camel_spring_boot:4.18
    Create a notification for this product.
    Red Hat Red Hat build of Quarkus 3.20.6.SP1     cpe:/a:redhat:quarkus:3.20::el8
    Create a notification for this product.
    Red Hat Red Hat build of Quarkus 3.27.3.SP1     cpe:/a:redhat:quarkus:3.27::el8
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat Red Hat AMQ Clients     cpe:/a:redhat:amq_clients:2023
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4 for Quarkus 3     cpe:/a:redhat:camel_quarkus:3
    Create a notification for this product.
    Red Hat Red Hat build of Apicurio Registry 3     cpe:/a:redhat:apicurio_registry:3
    Create a notification for this product.
    Red Hat Red Hat build of Debezium 3     cpe:/a:redhat:debezium:3
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat Fuse 7     cpe:/a:redhat:jboss_fuse:7
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 7     cpe:/a:redhat:jboss_enterprise_application_platform:7
    Create a notification for this product.
    Red Hat Red Hat Process Automation 7     cpe:/a:redhat:jboss_enterprise_bpms_platform:7
    Create a notification for this product.
    Red Hat Red Hat Single Sign-On 7     cpe:/a:redhat:red_hat_single_sign_on:7
    Create a notification for this product.
    Red Hat Cryostat 4     cpe:/a:redhat:cryostat:4
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7     cpe:/a:redhat:amq_broker:7
    Create a notification for this product.
    Red Hat Red Hat Data Grid 8     cpe:/a:redhat:jboss_data_grid:8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack     cpe:/a:redhat:jbosseapxp
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat streams for Apache Kafka 2     cpe:/a:redhat:amq_streams:2
    Create a notification for this product.
    Red Hat streams for Apache Kafka 3     cpe:/a:redhat:amq_streams:3
    Create a notification for this product.
    Credits
    Prasanth Sundararajan (prasanth.srihari@gmail.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0636",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-15T13:12:14.838595Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-15T13:12:22.433Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 8.1 for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 8.1 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7.12"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat AMQ Broker 7.12.7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7.13"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat AMQ Broker 7.13.5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apache_camel_quarkus:3.27"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Build of Apache Camel 4.14 for Quarkus 3.27",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3.28::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Spaces 3.28",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apache_camel_spring_boot:4.18"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quarkus:3.20::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Quarkus 3.20.6.SP1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quarkus:3.27::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Quarkus 3.27.3.SP1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_clients:2023"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat AMQ Clients",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:camel_quarkus:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apache Camel 4 for Quarkus 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apicurio_registry:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apicurio Registry 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:debezium:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Debezium 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_fuse:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Fuse 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss Enterprise Application Platform 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Process Automation 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:red_hat_single_sign_on:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Single Sign-On 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cryostat:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Cryostat 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat AMQ Broker 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_data_grid:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Data Grid 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2"
                ],
                "defaultStatus": "unaffected",
                "product": "streams for Apache Kafka 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "unaffected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-15T08:59:12.677Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The `LDAPStoreHelper` implementation fails to properly neutralize special elements in user-supplied input before incorporating them into LDAP queries. This allows a remote attacker to execute an LDAP injection attack by supplying crafted input, potentially leading to disclosure of sensitive information or the manipulation of directory search queries."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-90",
                    "description": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:13.210Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-0636"
              },
              {
                "name": "RHBZ#2458641",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458641"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0636.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18054"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18055"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14276"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14272"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13631"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18059"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21772"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:17668"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11720"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11721"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:18054: Red Hat JBoss EAP 8.1 for RHEL 8"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18055: Red Hat JBoss EAP 8.1 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14276: Red Hat AMQ Broker 7.12.7"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14272: Red Hat AMQ Broker 7.13.5"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13631: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18059: Red Hat JBoss Enterprise Application Platform 8.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21772: Red Hat OpenShift Dev Spaces 3.28"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:17668: Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11720: Red Hat build of Quarkus 3.20.6.SP1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11721: Red Hat build of Quarkus 3.27.3.SP1"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-15T10:01:32.911Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-15T08:59:12.677Z",
                "value": "Made public."
              }
            ],
            "title": "bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java",
            "workarounds": [
              {
                "lang": "en",
                "value": "To mitigate this flaw, sanitize all user-supplied input to remove or escape LDAP special characters before passing it to the LDAPStoreHelper for directory queries. If the input contains unexpected metacharacters such as asterisks, parentheses or backslashes, reject the request or escape the characters."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java/",
              "defaultStatus": "unaffected",
              "modules": [
                "prov"
              ],
              "packageName": "bcprov",
              "platforms": [
                "all"
              ],
              "product": "BC-JAVA",
              "programFiles": [
                "LDAPStoreHelper"
              ],
              "repo": "https://github.com/bcgit/bc-java",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThan": "1.80.2",
                  "status": "affected",
                  "version": "1.74",
                  "versionType": "maven"
                },
                {
                  "lessThan": "1.81.1",
                  "status": "affected",
                  "version": "1.81",
                  "versionType": "maven"
                },
                {
                  "lessThan": "1.84",
                  "status": "affected",
                  "version": "1.82",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Prasanth Sundararajan (prasanth.srihari@gmail.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper neutralization of special elements used in an LDAP query (\u0027LDAP injection\u0027) vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (prov modules).\u003cp\u003e This vulnerability is associated with program files LDAPStoreHelper.\u003c/p\u003e\u003cp\u003eThis issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.\u003c/p\u003e"
                }
              ],
              "value": "Improper neutralization of special elements used in an LDAP query (\u0027LDAP injection\u0027) vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (prov modules).\n\n This vulnerability is associated with program files LDAPStoreHelper.\n\n\n\nThis issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "AUTOMATIC",
                "Safety": "NEGLIGIBLE",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "PROOF_OF_CONCEPT",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/S:N/AU:Y/R:A/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-90",
                  "description": "CWE-90 Improper neutralization of special elements used in an LDAP query (\u0027LDAP injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-18T23:20:07.728Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%900636"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/bcgit/bc-java/commit/d20cdb8430e09224114fec0179a71859929fcbde"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "LDAP Injection Vulnerability in LDAPStoreHelper.java",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2026-0636",
        "datePublished": "2026-04-15T08:59:12.677Z",
        "dateReserved": "2026-01-06T03:18:21.572Z",
        "dateUpdated": "2026-06-30T12:07:13.210Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14813 (GCVE-0-2025-14813)

    Vulnerability from cvelistv5 – Published: 2026-04-15 08:56 – Updated: 2026-06-30 12:07
    VLAI
    Title
    GOSTCTR implementation unable to process more than 255 blocks correctly
    Summary
    : Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (core modules). This vulnerability is associated with program files G3413CTRBlockCipher. This issue affects BC-JAVA: from 1.59 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
    Assigner
    Impacted products
    Vendor Product Version
    Legion of the Bouncy Castle Inc. BC-JAVA Affected: 1.59 , < 1.80.2 (maven)
    Affected: 1.81 , < 1.81.1 (maven)
    Affected: 1.82 , < 1.84 (maven)
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 8.1 for RHEL 8     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8
    Create a notification for this product.
    Red Hat Red Hat JBoss EAP 8.1 for RHEL 9     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7.12.7     cpe:/a:redhat:amq_broker:7.12
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7.13.5     cpe:/a:redhat:amq_broker:7.13
    Create a notification for this product.
    Red Hat Red Hat Build of Apache Camel 4.14 for Quarkus 3.27     cpe:/a:redhat:apache_camel_quarkus:3.27
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 8.1     cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI 2.25     cpe:/a:redhat:openshift_ai:2.25::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Dev Spaces 3.28     cpe:/a:redhat:openshift_devspaces:3.28::el9
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14     cpe:/a:redhat:apache_camel_spring_boot:4.18
    Create a notification for this product.
    Red Hat Red Hat build of Quarkus 3.20.6.SP1     cpe:/a:redhat:quarkus:3.20::el8
    Create a notification for this product.
    Red Hat Red Hat build of Quarkus 3.27.3.SP1     cpe:/a:redhat:quarkus:3.27::el8
    Create a notification for this product.
    Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
    Create a notification for this product.
    Red Hat Red Hat AMQ Clients     cpe:/a:redhat:amq_clients:2023
    Create a notification for this product.
    Red Hat Red Hat build of Apache Camel 4 for Quarkus 3     cpe:/a:redhat:camel_quarkus:3
    Create a notification for this product.
    Red Hat Red Hat build of Apicurio Registry 3     cpe:/a:redhat:apicurio_registry:3
    Create a notification for this product.
    Red Hat Red Hat build of Debezium 3     cpe:/a:redhat:debezium:3
    Create a notification for this product.
    Red Hat Red Hat Build of Keycloak     cpe:/a:redhat:build_keycloak:
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat Fuse 7     cpe:/a:redhat:jboss_fuse:7
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform 7     cpe:/a:redhat:jboss_enterprise_application_platform:7
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Create a notification for this product.
    Red Hat Red Hat Process Automation 7     cpe:/a:redhat:jboss_enterprise_bpms_platform:7
    Create a notification for this product.
    Red Hat Red Hat Single Sign-On 7     cpe:/a:redhat:red_hat_single_sign_on:7
    Create a notification for this product.
    Red Hat streams for Apache Kafka 2     cpe:/a:redhat:amq_streams:2
    Create a notification for this product.
    Red Hat Cryostat 4     cpe:/a:redhat:cryostat:4
    Create a notification for this product.
    Red Hat Red Hat AMQ Broker 7     cpe:/a:redhat:amq_broker:7
    Create a notification for this product.
    Red Hat Red Hat Data Grid 8     cpe:/a:redhat:jboss_data_grid:8
    Create a notification for this product.
    Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack     cpe:/a:redhat:jbosseapxp
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat streams for Apache Kafka 3     cpe:/a:redhat:amq_streams:3
    Create a notification for this product.
    Credits
    XlabAI Team of Tencent Xuanwu Lab Atuin Automated Vulnerability Discovery Engine Lili Tang, Guannan Wang, and Guancheng Li
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14813",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-15T13:19:43.094033Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-15T13:19:49.520Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 8.1 for RHEL 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss EAP 8.1 for RHEL 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7.12"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat AMQ Broker 7.12.7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7.13"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat AMQ Broker 7.13.5",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apache_camel_quarkus:3.27"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Build of Apache Camel 4.14 for Quarkus 3.27",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss Enterprise Application Platform 8.1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai:2.25::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift AI 2.25",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_devspaces:3.28::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Dev Spaces 3.28",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apache_camel_spring_boot:4.18"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quarkus:3.20::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Quarkus 3.20.6.SP1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:quarkus:3.27::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Quarkus 3.27.3.SP1",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:ocp_tools"
                ],
                "defaultStatus": "affected",
                "product": "OpenShift Developer Tools and Services",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_clients:2023"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat AMQ Clients",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:camel_quarkus:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apache Camel 4 for Quarkus 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:apicurio_registry:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Apicurio Registry 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:debezium:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat build of Debezium 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:build_keycloak:"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Build of Keycloak",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_fuse:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Fuse 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_application_platform:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat JBoss Enterprise Application Platform 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift_ai"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift AI (RHOAI)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Process Automation 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:red_hat_single_sign_on:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Single Sign-On 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2"
                ],
                "defaultStatus": "affected",
                "product": "streams for Apache Kafka 2",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:cryostat:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Cryostat 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_broker:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat AMQ Broker 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jboss_data_grid:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Data Grid 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:jbosseapxp"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:satellite:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Satellite 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "unaffected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-15T08:56:34.057Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The `GOSTCTR` implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the `G3413CTRBlockCipher`, potentially leading to the recovery and access of encrypted data."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-327",
                    "description": "Use of a Broken or Risky Cryptographic Algorithm",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:23.569Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2025-14813"
              },
              {
                "name": "RHBZ#2458640",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458640"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-14813.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18054"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18055"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14276"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14272"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13631"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:18059"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24977"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:21772"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:17668"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11720"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11721"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:18054: Red Hat JBoss EAP 8.1 for RHEL 8"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18055: Red Hat JBoss EAP 8.1 for RHEL 9"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14276: Red Hat AMQ Broker 7.12.7"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14272: Red Hat AMQ Broker 7.13.5"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13631: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:18059: Red Hat JBoss Enterprise Application Platform 8.1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24977: Red Hat OpenShift AI 2.25"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:21772: Red Hat OpenShift Dev Spaces 3.28"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:17668: Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11720: Red Hat build of Quarkus 3.20.6.SP1"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11721: Red Hat build of Quarkus 3.27.3.SP1"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-15T10:01:27.769Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-15T08:56:34.057Z",
                "value": "Made public."
              }
            ],
            "title": "bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly",
            "workarounds": [
              {
                "lang": "en",
                "value": "To mitigate this vulnerability, strictly limit the payload encrypted under a single key and Initialization Vector (IV) pair using the GOSTCTR implementation and G3413CTRBlockCipher to a maximum of 255 blocks. Alternatively, transition to a more secure, standardized and authenticated encryption mode."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java/",
              "defaultStatus": "unaffected",
              "modules": [
                "core"
              ],
              "packageName": "bcprov",
              "platforms": [
                "all"
              ],
              "product": "BC-JAVA",
              "programFiles": [
                "G3413CTRBlockCipher"
              ],
              "repo": "https://github.com/bcgit/bc-java",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThan": "1.80.2",
                  "status": "affected",
                  "version": "1.59",
                  "versionType": "maven"
                },
                {
                  "lessThan": "1.81.1",
                  "status": "affected",
                  "version": "1.81",
                  "versionType": "maven"
                },
                {
                  "lessThan": "1.84",
                  "status": "affected",
                  "version": "1.82",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "XlabAI Team of Tencent Xuanwu Lab"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Atuin Automated Vulnerability Discovery Engine"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Lili Tang, Guannan Wang, and Guancheng Li"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": ": Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (core modules).\u003cp\u003e This vulnerability is associated with program files G3413CTRBlockCipher.\u003c/p\u003e\u003cp\u003eThis issue affects BC-JAVA: from 1.59 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.\u003c/p\u003e"
                }
              ],
              "value": ": Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (core modules).\n\n This vulnerability is associated with program files G3413CTRBlockCipher.\n\n\n\nThis issue affects BC-JAVA: from 1.59 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "RED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/RE:M/U:Red",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-327",
                  "description": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-18T23:15:49.105Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%9014813"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/bcgit/bc-java/commit/b42574345414e4b7c8051b16fa1fafe01c29871f"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/bcgit/bc-java/commit/701686cb0184cd9ae103c801b3581fdf95c6d4f3"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "GOSTCTR implementation unable to process more than 255 blocks correctly",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2025-14813",
        "datePublished": "2026-04-15T08:56:34.057Z",
        "dateReserved": "2025-12-17T00:17:44.229Z",
        "dateUpdated": "2026-06-30T12:07:23.569Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-12194 (GCVE-0-2025-12194)

    Vulnerability from cvelistv5 – Published: 2025-10-24 22:51 – Updated: 2025-10-27 15:21
    VLAI
    Summary
    Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCFB.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeGCM.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/SHA256NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeEngine.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCBC.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCTR.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCFB.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCM.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeEngine.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCBC.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCMSIV.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCCM.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCTR.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA256NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA224NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA3NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHAKENativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA512NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA384NativeDigest.Java. This issue affects Bouncy Castle for Java FIPS: from 2.1.0 through 2.1.1; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-12194",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-27T15:21:29.159919Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-27T15:21:41.167Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bc-fips",
              "platforms": [
                "All"
              ],
              "product": "Bouncy Castle for Java FIPS",
              "programFiles": [
                "core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCFB.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeGCM.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/fips/SHA256NativeDigest.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeEngine.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCBC.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCTR.java"
              ],
              "repo": "ssh://bcgit@git.bouncycastle.org:bc-fips-2.1.X-java.git",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "2.1.1",
                  "status": "affected",
                  "version": "2.1.0",
                  "versionType": "maven"
                }
              ]
            },
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bcprov-lts8on",
              "platforms": [
                "All"
              ],
              "product": "Bouncy Castle for Java LTS",
              "programFiles": [
                "core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCFB.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCM.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeEngine.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCBC.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCMSIV.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCCM.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCTR.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA256NativeDigest.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA224NativeDigest.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA3NativeDigest.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHAKENativeDigest.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA512NativeDigest.java",
                "core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA384NativeDigest.java"
              ],
              "repo": "https://github.com/bcgit/bc-lts-java",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "2.73.7",
                  "status": "affected",
                  "version": "2.73.0",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:legion_of_the_bouncy_castle_inc.:bouncy_castle_for_java_fips:*:*:all:*:*:*:*:*",
                      "versionEndIncluding": "2.1.1",
                      "versionStartIncluding": "2.1.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:legion_of_the_bouncy_castle_inc.:bouncy_castle_for_java_lts:*:*:all:*:*:*:*:*",
                      "versionEndIncluding": "2.73.7",
                      "versionStartIncluding": "2.73.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCFB.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeGCM.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/fips/SHA256NativeDigest.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeEngine.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCBC.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCTR.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCFB.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCM.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeEngine.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCBC.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCMSIV.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCCM.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCTR.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA256NativeDigest.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA224NativeDigest.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA3NativeDigest.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHAKENativeDigest.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA512NativeDigest.Java\u003c/tt\u003e, \u003ctt\u003ecore/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA384NativeDigest.Java\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects Bouncy Castle for Java FIPS: from 2.1.0 through 2.1.1; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7.\u003c/p\u003e"
                }
              ],
              "value": "Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCFB.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeGCM.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/SHA256NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeEngine.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCBC.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCTR.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCFB.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCM.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeEngine.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCBC.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCMSIV.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCCM.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCTR.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA256NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA224NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA3NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHAKENativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA512NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA384NativeDigest.Java.\n\nThis issue affects Bouncy Castle for Java FIPS: from 2.1.0 through 2.1.1; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "PRESENT",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "CONCENTRATED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:P/AU:N/R:U/V:C/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-24T23:01:19.091Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%9012194"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2025-12194",
        "datePublished": "2025-10-24T22:51:36.942Z",
        "dateReserved": "2025-10-24T20:54:20.444Z",
        "dateUpdated": "2025-10-27T15:21:41.167Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-9340 (GCVE-0-2025-9340)

    Vulnerability from cvelistv5 – Published: 2025-08-22 09:39 – Updated: 2025-08-22 10:37
    VLAI
    Title
    native encrypt/decrypt operations in JCE may corrupt data if same byte array used for input and output.
    Summary
    Out-of-bounds Write vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bc-fips on All (API modules). This vulnerability is associated with program files org/bouncycastle/jcajce/provider/BaseCipher. This issue affects Bouncy Castle for Java: from BC-FJA 2.1.0 through 2.1.0.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Legion of the Bouncy Castle Inc. Bouncy Castle for Java Affected: BC-FJA 2.1.0 , ≤ 2.1.0 (maven)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-9340",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-22T10:37:04.005071Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-22T10:37:18.585Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bc-fips",
              "platforms": [
                "All"
              ],
              "product": "Bouncy Castle for Java",
              "programFiles": [
                "org/bouncycastle/jcajce/provider/BaseCipher"
              ],
              "repo": "ssh://bcgit@git.bouncycastle.org:bc-fips-2.1.X-java.git",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "2.1.0",
                  "status": "affected",
                  "version": "BC-FJA 2.1.0",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Out-of-bounds Write vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bc-fips on All (API modules).\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003eorg/bouncycastle/jcajce/provider/BaseCipher\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects Bouncy Castle for Java: from BC-FJA 2.1.0 through 2.1.0.\u003c/p\u003e"
                }
              ],
              "value": "Out-of-bounds Write vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bc-fips on All (API modules). This vulnerability is associated with program files org/bouncycastle/jcajce/provider/BaseCipher.\n\nThis issue affects Bouncy Castle for Java: from BC-FJA 2.1.0 through 2.1.0."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "USER",
                "Safety": "NEGLIGIBLE",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "PHYSICAL",
                "baseScore": 0,
                "baseSeverity": "NONE",
                "privilegesRequired": "LOW",
                "providerUrgency": "GREEN",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/S:N/R:U/RE:M/U:Green",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787 Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-22T09:39:47.303Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%909340"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "native encrypt/decrypt operations in JCE may corrupt data if same byte array used for input and output.",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "This can be coded around by avoiding operations in place when dealing with aes-native encryption/decryption."
                }
              ],
              "value": "This can be coded around by avoiding operations in place when dealing with aes-native encryption/decryption."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2025-9340",
        "datePublished": "2025-08-22T09:39:47.303Z",
        "dateReserved": "2025-08-22T08:45:05.505Z",
        "dateUpdated": "2025-08-22T10:37:18.585Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-9341 (GCVE-0-2025-9341)

    Vulnerability from cvelistv5 – Published: 2025-08-22 09:09 – Updated: 2025-10-24 22:40
    VLAI
    Title
    Garbage collection can delay for AES CBC Native support, resulting in heap exhaustion
    Summary
    Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files org/bouncycastle/crypto/fips/AESNativeCBC.Java, org/bouncycastle/crypto/engines/AESNativeCBC.Java. This issue affects Bouncy Castle for Java FIPS: 2.1.0; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-9341",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-22T10:37:49.400627Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-22T10:38:07.000Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bc-fips",
              "platforms": [
                "All"
              ],
              "product": "Bouncy Castle for Java FIPS",
              "programFiles": [
                "org/bouncycastle/crypto/fips/AESNativeCBC.java"
              ],
              "repo": "ssh://bcgit@git.bouncycastle.org:bc-fips-2.1.X-java.git",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.1.0",
                  "versionType": "maven"
                }
              ]
            },
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bcprov-lts8on",
              "platforms": [
                "All"
              ],
              "product": "Bouncy Castle for Java LTS",
              "programFiles": [
                "org/bouncycastle/crypto/engines/AESNativeCBC.java"
              ],
              "repo": "https://github.com/bcgit/bc-lts-java",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "2.73.7",
                  "status": "affected",
                  "version": "2.73.0",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Vulnerability requires rapid creation of short term native CBC services. Issue appears to only occur with some versions of the JVM garbage collector."
                }
              ],
              "value": "Vulnerability requires rapid creation of short term native CBC services. Issue appears to only occur with some versions of the JVM garbage collector."
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:legion_of_the_bouncy_castle_inc.:bouncy_castle_for_java_fips:2.1.0:*:all:*:*:*:*:*",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:legion_of_the_bouncy_castle_inc.:bouncy_castle_for_java_lts:*:*:all:*:*:*:*:*",
                      "versionEndIncluding": "2.73.7",
                      "versionStartIncluding": "2.73.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003eorg/bouncycastle/crypto/fips/AESNativeCBC.Java\u003c/tt\u003e, \u003ctt\u003eorg/bouncycastle/crypto/engines/AESNativeCBC.Java\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects Bouncy Castle for Java FIPS: 2.1.0; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7.\u003c/p\u003e"
                }
              ],
              "value": "Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files org/bouncycastle/crypto/fips/AESNativeCBC.Java, org/bouncycastle/crypto/engines/AESNativeCBC.Java.\n\nThis issue affects Bouncy Castle for Java FIPS: 2.1.0; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "PRESENT",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "CONCENTRATED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:P/AU:N/R:U/V:C/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-24T22:40:33.075Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%909341"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Garbage collection can delay for AES CBC Native support, resulting in heap exhaustion",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A system that cannot be updated can be made safe by booting the module in java mode and disabling AES-NI support."
                }
              ],
              "value": "A system that cannot be updated can be made safe by booting the module in java mode and disabling AES-NI support."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2025-9341",
        "datePublished": "2025-08-22T09:09:17.111Z",
        "dateReserved": "2025-08-22T08:45:19.734Z",
        "dateUpdated": "2025-10-24T22:40:33.075Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-9092 (GCVE-0-2025-9092)

    Vulnerability from cvelistv5 – Published: 2025-08-16 10:29 – Updated: 2025-08-18 18:08
    VLAI
    Title
    Hybrid Module Deployment in Multi-JVM Environments Leading to Resource Exhaustion
    Summary
    Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips (API modules) allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader. This issue affects Bouncy Castle for Java - BC-FJA 2.1.0: from BC-FJA 2.1.0 through 2.1.0.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-9092",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-18T18:08:27.146804Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-18T18:08:35.298Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bc-fips",
              "platforms": [
                "All"
              ],
              "product": "Bouncy Castle for Java - BC-FJA 2.1.0",
              "programFiles": [
                "org.bouncycastle.crypto.fips.NativeLoader"
              ],
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "2.1.0",
                  "status": "affected",
                  "version": "BC-FJA 2.1.0",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips (API modules) allows Excessive Allocation.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003eorg.Bouncycastle.Crypto.Fips.NativeLoader\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects Bouncy Castle for Java - BC-FJA 2.1.0: from BC-FJA 2.1.0 through 2.1.0.\u003c/p\u003e"
                }
              ],
              "value": "Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips (API modules) allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader.\n\nThis issue affects Bouncy Castle for Java - BC-FJA 2.1.0: from BC-FJA 2.1.0 through 2.1.0."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "USER",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 1,
                "baseSeverity": "LOW",
                "privilegesRequired": "HIGH",
                "providerUrgency": "GREEN",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/R:U/RE:L/U:Green",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-16T10:29:59.417Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%909092"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Hybrid Module Deployment in Multi-JVM Environments Leading to Resource Exhaustion",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Strictly limit the number of JVMs providing services based on BC-FJA 2.1.0 so that effective monitoring and cleanup is possible on the server involved, alternately ensure the module is configured to write its files for native support to a file system with sufficient capacity.\u003cbr\u003e"
                }
              ],
              "value": "Strictly limit the number of JVMs providing services based on BC-FJA 2.1.0 so that effective monitoring and cleanup is possible on the server involved, alternately ensure the module is configured to write its files for native support to a file system with sufficient capacity."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2025-9092",
        "datePublished": "2025-08-16T10:29:59.417Z",
        "dateReserved": "2025-08-16T10:06:21.717Z",
        "dateUpdated": "2025-08-18T18:08:35.298Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-8916 (GCVE-0-2025-8916)

    Vulnerability from cvelistv5 – Published: 2025-08-13 09:31 – Updated: 2026-05-12 12:02
    VLAI
    Title
    Possible DOS in processing large name constraint structures in PKIXCertPathReveiwer
    Summary
    Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All (API modules), Legion of the Bouncy Castle Inc. BC Java bcprov on All (API modules), Legion of the Bouncy Castle Inc. BCPKIX FIPS bcpkix-fips on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertPathReviewer.Java, https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.Java. This issue affects BC Java: from 1.44 through 1.78; BC Java: from 1.44 through 1.78; BCPKIX FIPS: from 1.0.0 through 1.0.7, from 2.0.0 through 2.0.7.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    Impacted products
    Vendor Product Version
    Legion of the Bouncy Castle Inc. BC Java Affected: 1.44 , ≤ 1.78 (maven)
    Create a notification for this product.
    Legion of the Bouncy Castle Inc. BCPKIX FIPS Affected: 1.0.0 , ≤ 1.0.7 (maven)
    Affected: 2.0.0 , ≤ 2.0.7 (maven)
    Create a notification for this product.
    Siemens SIMATIC CN 4100 Affected: 0 , < V5.0 (custom)
    Create a notification for this product.
    Credits
    Bing Shi
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-8916",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-13T13:13:37.616496Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-13T13:13:54.247Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC CN 4100",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "V5.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-12T12:02:38.443Z",
              "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
              "shortName": "siemens-SADP"
            },
            "references": [
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-032379.html"
              }
            ],
            "x_adpType": "supplier"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bcpkix",
              "platforms": [
                "All"
              ],
              "product": "BC Java",
              "programFiles": [
                "https://github.com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertPathReviewer.java"
              ],
              "repo": "https://github.com/bcgit/bc-java",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "1.78",
                  "status": "affected",
                  "version": "1.44",
                  "versionType": "maven"
                }
              ]
            },
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bcprov",
              "platforms": [
                "All"
              ],
              "product": "BC Java",
              "programFiles": [
                "https://github.com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.java"
              ],
              "repo": "https://github.com/bcgit/bc-java",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "1.78",
                  "status": "affected",
                  "version": "1.44",
                  "versionType": "maven"
                }
              ]
            },
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bcpkix-fips",
              "platforms": [
                "All"
              ],
              "product": "BCPKIX FIPS",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "1.0.7",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "maven"
                },
                {
                  "lessThanOrEqual": "2.0.7",
                  "status": "affected",
                  "version": "2.0.0",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "For an attack to take place the PKIXCertPathReviewer class must be in use by the application under attack and the class must be consuming certificate paths of unknown origin without any form of other validation."
                }
              ],
              "value": "For an attack to take place the PKIXCertPathReviewer class must be in use by the application under attack and the class must be consuming certificate paths of unknown origin without any form of other validation."
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Bing Shi"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All (API modules), Legion of the Bouncy Castle Inc. BC Java bcprov on All (API modules), Legion of the Bouncy Castle Inc. BCPKIX FIPS bcpkix-fips on All (API modules) allows Excessive Allocation.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003ehttps://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertPathReviewer.Java\u003c/tt\u003e, \u003ctt\u003ehttps://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.Java\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects BC Java: from 1.44 through 1.78; BC Java: from 1.44 through 1.78; BCPKIX FIPS: from 1.0.0 through 1.0.7, from 2.0.0 through 2.0.7.\u003c/p\u003e"
                }
              ],
              "value": "Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All (API modules), Legion of the Bouncy Castle Inc. BC Java bcprov on All (API modules), Legion of the Bouncy Castle Inc. BCPKIX FIPS bcpkix-fips on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertPathReviewer.Java, https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.Java.\n\nThis issue affects BC Java: from 1.44 through 1.78; BC Java: from 1.44 through 1.78; BCPKIX FIPS: from 1.0.0 through 1.0.7, from 2.0.0 through 2.0.7."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "USER",
                "Safety": "PRESENT",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-12T11:17:08.609Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908916"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Possible DOS in processing large name constraint structures in PKIXCertPathReveiwer",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Limiting the size of ASN.1 objects that can be loaded from \"the wild\" will mitigate the risk of an exploit by automatically putting a cap on the maximum size of a Name Constraints structure."
                }
              ],
              "value": "Limiting the size of ASN.1 objects that can be loaded from \"the wild\" will mitigate the risk of an exploit by automatically putting a cap on the maximum size of a Name Constraints structure."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2025-8916",
        "datePublished": "2025-08-13T09:31:21.181Z",
        "dateReserved": "2025-08-13T08:52:38.480Z",
        "dateUpdated": "2026-05-12T12:02:38.443Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-8885 (GCVE-0-2025-8885)

    Vulnerability from cvelistv5 – Published: 2025-08-12 09:13 – Updated: 2025-09-12 11:09
    VLAI
    Title
    Possible DOS in processing specially formed ASN.1 Object Identifiers
    Summary
    Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcprov on All (API modules), Legion of the Bouncy Castle Inc. BC-FJA bc-fips on All allows Excessive Allocation. This vulnerability is associated with program files https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdenti... https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.Java . This issue affects BC Java: from 1.0 through 1.77; BC-FJA: from 1.0.0 through 1.0.2.5, from 2.0.0 through 2.0.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    Impacted products
    Vendor Product Version
    Legion of the Bouncy Castle Inc. BC Java Affected: 1.0 , ≤ 1.77 (maven)
    Create a notification for this product.
    Legion of the Bouncy Castle Inc. BC-FJA Affected: 1.0.0 , ≤ 1.0.2.5 (maven)
    Affected: 2.0.0 , ≤ 2.0.1 (maven)
    Create a notification for this product.
    Credits
    Bing Shi
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-8885",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-12T18:14:28.953244Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-12T18:14:43.796Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bcprov",
              "platforms": [
                "All"
              ],
              "product": "BC Java",
              "programFiles": [
                "https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java"
              ],
              "repo": "https://github.com/bcgit/bc-java",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "1.77",
                  "status": "affected",
                  "version": "1.0",
                  "versionType": "maven"
                }
              ]
            },
            {
              "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
              "defaultStatus": "unaffected",
              "modules": [
                "API"
              ],
              "packageName": "bc-fips",
              "platforms": [
                "All"
              ],
              "product": "BC-FJA",
              "vendor": "Legion of the Bouncy Castle Inc.",
              "versions": [
                {
                  "lessThanOrEqual": "1.0.2.5",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "maven"
                },
                {
                  "lessThanOrEqual": "2.0.1",
                  "status": "affected",
                  "version": "2.0.0",
                  "versionType": "maven"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "To be exposed to the issue a system needs to be consuming ASN.1 structures which are otherwise unvetted or unvalidated."
                }
              ],
              "value": "To be exposed to the issue a system needs to be consuming ASN.1 structures which are otherwise unvetted or unvalidated."
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Bing Shi"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcprov on All (API modules), Legion of the Bouncy Castle Inc. BC-FJA bc-fips on All allows Excessive Allocation.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.Java\"\u003ehttps://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdenti...\u003c/a\u003e\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects BC Java: from 1.0 through 1.77; BC-FJA: from 1.0.0 through 1.0.2.5, from 2.0.0 through 2.0.1.\u003c/p\u003e"
                }
              ],
              "value": "Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcprov on All (API modules), Legion of the Bouncy Castle Inc. BC-FJA bc-fips on All allows Excessive Allocation. This vulnerability is associated with program files  https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdenti... https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.Java .\n\nThis issue affects BC Java: from 1.0 through 1.77; BC-FJA: from 1.0.0 through 1.0.2.5, from 2.0.0 through 2.0.1."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "USER",
                "Safety": "PRESENT",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-12T11:09:08.850Z",
            "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
            "shortName": "bcorg"
          },
          "references": [
            {
              "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908885"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Possible DOS in processing specially formed ASN.1 Object Identifiers",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Limiting the size of ASN.1 objects that can be loaded from \"the wild\", or putting in place some other validation for such objects, will mitigate the risk of an exploit by automatically putting a cap on the maximum size of an ASN.1 OBJECT IDENTIFIER.\u0026nbsp;"
                }
              ],
              "value": "Limiting the size of ASN.1 objects that can be loaded from \"the wild\", or putting in place some other validation for such objects, will mitigate the risk of an exploit by automatically putting a cap on the maximum size of an ASN.1 OBJECT IDENTIFIER."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "assignerShortName": "bcorg",
        "cveId": "CVE-2025-8885",
        "datePublished": "2025-08-12T09:13:42.770Z",
        "dateReserved": "2025-08-12T08:07:48.262Z",
        "dateUpdated": "2025-09-12T11:09:08.850Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }