CNNVD-202510-3404 Information

CNNVD ID

CNNVD-202510-3404

Related CVE

CVE-2025-12194

• CNNVD Published: 2025-10-24

Description (Chinese)

Bouncy Castle Java是Legion of the Bouncy Castle Inc开源的一个加密算法程序。 Bouncy Castle Java FIPS 2.1.0版本至2.1.1版本和LTS 2.73.0版本至2.73.7版本存在安全漏洞，该漏洞源于资源消耗不受控制，可能导致过度分配。

Description (English)

Bouncy Castle Java is an encryption algorithm for the Legion of the Bouncy Castle Inc open source. There is a security loophole between Versions Bouncy Castle Java FIPS 2.1.01 and Versions LTS 2.73.0 to 2.73.7, which stems from uncontrolled resource consumption and may lead to overallocation.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Legion of the Bouncy Castle Inc

Published

2025-10-24

Last Modified

2026-02-24

References

https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%9012194