CNNVD-202508-1017 Information

CNNVD ID

CNNVD-202508-1017

Related CVE

CVE-2025-8885

• CNNVD Published: 2025-08-12

Description (Chinese)

Bouncy Castle是Bouncy Castle组织的密码学中使用的API集合。它包括适用于Java和C#编程语言的API 。 Bouncy Castle 1.77及之前版本存在安全漏洞，该漏洞源于资源分配无限制，可能导致过度分配。

Description (English)

Bouncy Castle is a collection of APIs used in the ciphers organized by Bouncy Castle. It includes API for Java and C# programming languages. There is a security loophole in Bouncy Castle 1.77 and earlier versions, which stems from unrestricted resource allocation and may lead to overallocation.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Bouncy Castle

Published

2025-08-12

Last Modified

2026-02-24

References

https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908885 https://www.oracle.com/security-alerts/cpuoct2025.html https://access.redhat.com/security/cve/cve-2025-8885