CNNVD-202508-1337 Information
CNNVD ID
CNNVD-202508-1337
Related CVE
- CNNVD Published: 2025-08-13
Description (Chinese)
Bouncy Castle是Bouncy Castle组织的密码学中使用的API集合。它包括适用于Java和C#编程语言的API 。 Bouncy Castle 1.44至1.78版本存在安全漏洞,该漏洞源于资源分配无限制可能导致过度分配。
Description (English)
Bouncy Castle is a collection of APIs used in the ciphers organized by Bouncy Castle. It includes API for Java and C# programming languages. There is a security loophole in Bobby Castles 1.44 to 1.78, which stems from the fact that unlimited resource allocation may lead to overallocation.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
Bouncy Castle
Published
2025-08-13
Last Modified
2026-02-24
References
https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908916 https://www.oracle.com/security-alerts/cpuoct2025.html https://www.oracle.com/security-alerts/cpujan2026.html https://access.redhat.com/security/cve/cve-2025-8916
Patch
https://github.com/bcgit/bc-java/commit/310b30a4fbf36d13f6cc201ffa7771715641e67e
Share on: