CNNVD-202508-1940 Information

CNNVD ID

CNNVD-202508-1940

Related CVE

CVE-2025-9092

• CNNVD Published: 2025-08-16

Description (Chinese)

Bouncy Castle Java是Legion of the Bouncy Castle Inc开源的一个加密算法程序。 Bouncy Castle Java 2.1.0版本存在安全漏洞，该漏洞源于org.Bouncycastle.Crypto.Fips.NativeLoader文件存在资源过度分配问题。

Description (English)

Bouncy Castle Java is an encryption algorithm for the Legion of the Bouncy Castle Inc open source. There is a security loophole in version 2.1.0 of Bouncy Castle Java, which stems from the overalallocation of resources in the document oforg. Bouncycastle.Crypto.Fips.NativeLoader.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

Legion of the Bouncy Castle Inc

Published

2025-08-16

Last Modified

2026-02-24

References

https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%909092 https://nvd.nist.gov/vuln/detail/CVE-2025-9092