Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Bouncy Castle for Java FIPS

Source -

CNA

CNA CVEs -

1

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found
CVE-2025-9341
Assigner-91579145-5d7b-4cc5-b925-a0262ff19630
ShareView Details
Assigner-91579145-5d7b-4cc5-b925-a0262ff19630
CVSS Score-5.9||MEDIUM
EPSS-0.01% / 1.76%
||
7 Day CHG~0.00%
Published-22 Aug, 2025 | 09:09
Updated-22 Aug, 2025 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Garbage collection can delay for AES CBC Native support, resulting in heap exhaustion

Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files org/bouncycastle/crypto/fips/AESNativeCBC.Java. This issue affects Bouncy Castle for Java FIPS: from BC-FJA 2.1.0 through 2.1.0.

Action-Not Available
Vendor-Legion of the Bouncy Castle Inc.
Product-Bouncy Castle for Java FIPS
CWE ID-CWE-400
Uncontrolled Resource Consumption