Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/27476?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/27476?format=api", "vulnerability_id": "VCID-wqgc-hd9r-zuek", "summary": "Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bcpkix, bcprov, bcpkix-fips on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertP... https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertPathReviewer.java , https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathRevi... https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.java .\n\nThis issue affects Bouncy Castle for Java: from BC 1.44 through 1.78, from BCPKIX FIPS 1.0.0 through 1.0.7, from BCPKIX FIPS 2.0.0 through 2.0.7.", "aliases": [ { "alias": "CVE-2025-8916" }, { "alias": "GHSA-4cx2-fc23-5wg6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/921577?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582148?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/583193?format=api", "purl": "pkg:deb/debian/bouncycastle@1.80-3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.80-3" }, { "url": "http://public2.vulnerablecode.io/api/packages/69672?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-fips@1.0.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-fips@1.0.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/69673?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-fips@2.0.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-fips@2.0.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/69670?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.79", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.79" }, { "url": "http://public2.vulnerablecode.io/api/packages/69671?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.79", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.79" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582146?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2j9r-6zbp-m3bz" }, { "vulnerability": "VCID-4rs8-tp92-p7ck" }, { "vulnerability": "VCID-abxq-7eq3-g7dp" }, { "vulnerability": "VCID-d5x5-hcjh-efcr" }, { "vulnerability": "VCID-e4j2-7rmt-17bf" }, { "vulnerability": "VCID-rary-mqyu-2yes" }, { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/583191?format=api", "purl": "pkg:deb/debian/bouncycastle@1.68-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2j9r-6zbp-m3bz" }, { "vulnerability": "VCID-4rs8-tp92-p7ck" }, { "vulnerability": "VCID-abxq-7eq3-g7dp" }, { "vulnerability": "VCID-d5x5-hcjh-efcr" }, { "vulnerability": "VCID-e4j2-7rmt-17bf" }, { "vulnerability": "VCID-rary-mqyu-2yes" }, { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.68-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/583192?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2j9r-6zbp-m3bz" }, { "vulnerability": "VCID-4rs8-tp92-p7ck" }, { "vulnerability": "VCID-abxq-7eq3-g7dp" }, { "vulnerability": "VCID-d5x5-hcjh-efcr" }, { "vulnerability": "VCID-e4j2-7rmt-17bf" }, { "vulnerability": "VCID-rary-mqyu-2yes" }, { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/582147?format=api", "purl": "pkg:deb/debian/bouncycastle@1.72-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2j9r-6zbp-m3bz" }, { "vulnerability": "VCID-4rs8-tp92-p7ck" }, { "vulnerability": "VCID-abxq-7eq3-g7dp" }, { "vulnerability": "VCID-d5x5-hcjh-efcr" }, { "vulnerability": "VCID-e4j2-7rmt-17bf" }, { "vulnerability": "VCID-rary-mqyu-2yes" }, { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bouncycastle@1.72-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/570732?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-fips@1.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-fips@1.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/788773?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-fips@1.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-fips@1.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/788774?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-fips@1.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-fips@1.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/788775?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-fips@1.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-fips@1.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/788776?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-fips@1.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-fips@1.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/788777?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-fips@1.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-fips@1.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/788778?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-fips@1.0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-fips@1.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/788779?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-fips@1.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-fips@1.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/570733?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-fips@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-fips@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/788780?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-fips@2.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-fips@2.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/570731?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.44", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.44" }, { "url": "http://public2.vulnerablecode.io/api/packages/634882?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.47", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.47" }, { "url": "http://public2.vulnerablecode.io/api/packages/634883?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.48", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.48" }, { "url": "http://public2.vulnerablecode.io/api/packages/634884?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.49", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wpwg-69wu-3kgz" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.49" }, { "url": "http://public2.vulnerablecode.io/api/packages/634885?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.50", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.50" }, { "url": "http://public2.vulnerablecode.io/api/packages/634886?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.51", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.51" }, { "url": "http://public2.vulnerablecode.io/api/packages/634887?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.52", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.52" }, { "url": "http://public2.vulnerablecode.io/api/packages/634888?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.53", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.53" }, { "url": "http://public2.vulnerablecode.io/api/packages/634889?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.54", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.54" }, { "url": "http://public2.vulnerablecode.io/api/packages/634890?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.55", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.55" }, { "url": "http://public2.vulnerablecode.io/api/packages/634891?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.56", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.56" }, { "url": "http://public2.vulnerablecode.io/api/packages/634892?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.57", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.57" }, { "url": "http://public2.vulnerablecode.io/api/packages/634893?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.58", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.58" }, { "url": "http://public2.vulnerablecode.io/api/packages/634894?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.59", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.59" }, { "url": "http://public2.vulnerablecode.io/api/packages/634895?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.60", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.60" }, { "url": "http://public2.vulnerablecode.io/api/packages/634896?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.61", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.61" }, { "url": "http://public2.vulnerablecode.io/api/packages/634897?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.62", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.62" }, { "url": "http://public2.vulnerablecode.io/api/packages/634898?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.63", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.63" }, { "url": "http://public2.vulnerablecode.io/api/packages/634899?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.64", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.64" }, { "url": "http://public2.vulnerablecode.io/api/packages/634900?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.65", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.65" }, { "url": "http://public2.vulnerablecode.io/api/packages/634901?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.66", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.66" }, { "url": "http://public2.vulnerablecode.io/api/packages/634902?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.67", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.67" }, { "url": "http://public2.vulnerablecode.io/api/packages/634903?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.68", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.68" }, { "url": "http://public2.vulnerablecode.io/api/packages/634904?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.69", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.69" }, { "url": "http://public2.vulnerablecode.io/api/packages/634905?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.70", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.70" }, { "url": "http://public2.vulnerablecode.io/api/packages/570736?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.44", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.44" }, { "url": "http://public2.vulnerablecode.io/api/packages/634872?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.63", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.63" }, { "url": "http://public2.vulnerablecode.io/api/packages/634873?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.64", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.64" }, { "url": "http://public2.vulnerablecode.io/api/packages/634874?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.65", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.65" }, { "url": "http://public2.vulnerablecode.io/api/packages/634875?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.66", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.66" }, { "url": "http://public2.vulnerablecode.io/api/packages/634876?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.67", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.67" }, { "url": "http://public2.vulnerablecode.io/api/packages/634877?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.68", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.68" }, { "url": "http://public2.vulnerablecode.io/api/packages/634878?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.69", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.69" }, { "url": "http://public2.vulnerablecode.io/api/packages/634879?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.70", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.70" }, { "url": "http://public2.vulnerablecode.io/api/packages/634880?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.71", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.71" }, { "url": "http://public2.vulnerablecode.io/api/packages/634881?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.72", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.72" }, { "url": "http://public2.vulnerablecode.io/api/packages/61263?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.73", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.73" }, { "url": "http://public2.vulnerablecode.io/api/packages/788809?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.74", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.74" }, { "url": "http://public2.vulnerablecode.io/api/packages/788810?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.75", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.75" }, { "url": "http://public2.vulnerablecode.io/api/packages/788811?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.76", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.76" }, { "url": "http://public2.vulnerablecode.io/api/packages/788812?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.77", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.77" }, { "url": "http://public2.vulnerablecode.io/api/packages/569654?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.78", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.78" }, { "url": "http://public2.vulnerablecode.io/api/packages/788813?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.78.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.78.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/570735?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.44", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.44" }, { "url": "http://public2.vulnerablecode.io/api/packages/634859?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.71", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.71" }, { "url": "http://public2.vulnerablecode.io/api/packages/634860?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.71.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.71.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/634861?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.72", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-sz15-payv-uyab" }, { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.72" }, { "url": "http://public2.vulnerablecode.io/api/packages/61257?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.73", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.73" }, { "url": "http://public2.vulnerablecode.io/api/packages/788804?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.74", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.74" }, { "url": "http://public2.vulnerablecode.io/api/packages/788805?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.75", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.75" }, { "url": "http://public2.vulnerablecode.io/api/packages/788806?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.76", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.76" }, { "url": "http://public2.vulnerablecode.io/api/packages/788807?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.77", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.77" }, { "url": "http://public2.vulnerablecode.io/api/packages/569655?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.78", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.78" }, { "url": "http://public2.vulnerablecode.io/api/packages/788808?format=api", "purl": "pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.78.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wqgc-hd9r-zuek" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bcpkix-jdk18on@1.78.1" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8916.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8916.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8916", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10618", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10754", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10778", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10809", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10795", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10738", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10662", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1081", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10747", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11713", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8916" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8916" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/bcgit/bc-java", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/310b30a4fbf36d13f6cc201ffa7771715641e67e", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/310b30a4fbf36d13f6cc201ffa7771715641e67e" }, { "reference_url": "https://github.com/bcgit/bc-java/commit/ff444a479942d88de64004dc82c3ee32a9e9075a", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/bcgit/bc-java/commit/ff444a479942d88de64004dc82c3ee32a9e9075a" }, { "reference_url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908916", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T13:13:37Z/" } ], "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908916" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8916", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8916" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388195", "reference_id": "2388195", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388195" }, { "reference_url": "https://github.com/advisories/GHSA-4cx2-fc23-5wg6", "reference_id": "GHSA-4cx2-fc23-5wg6", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4cx2-fc23-5wg6" }, { "reference_url": "https://usn.ubuntu.com/8108-1/", "reference_id": "USN-8108-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8108-1/" } ], "weaknesses": [ { "cwe_id": 770, "name": "Allocation of Resources Without Limits or Throttling", "description": "The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "4.0 - 6.9", "exploitability": "0.5", "weighted_severity": "6.2", "risk_score": 3.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wqgc-hd9r-zuek" }