Bouncy Castle For Java Fips
Approved changes feed: RSS · Atom
cpe:2.3:a:legion_of_the_bouncy_castle_inc.:bouncy_castle_for_java_fips:2.1.0:*:all:*:*:*:*:*
part: a version: 2.1.0 update: *
| Vendor | Legion Of The Bouncy Castle Inc. (e4a6587a-5507-5db2-9124-4805610f6129) |
|---|---|
| Product | Bouncy Castle For Java Fips (aacdf126-80a4-5e4e-ab6f-67e03ac883e0) |
| Edition | all |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-9341 |
vulnerable | 2026-06-08 07:45:22.316968 |
Garbage collection can delay for AES CBC Native support, resulting in heap exhaustion
Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files org/bouncycastle/crypto/fips/AESNativeCBC.Java, org/bouncycastle/crypto/engines/AESNativeCBC.Java.
This issue affects Bouncy Castle for Java FIPS: 2.1.0; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7.
Published: 2025-08-22T09:09:17.111Z
Updated: 2025-10-24T22:40:33.075Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.