VulnerableCode Package Details - pkg:maven/org.bouncycastle/bcprov-jdk14@1.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/org.bouncycastle/bcprov-jdk14@1.0

Essentials
History (2)

purl	pkg:maven/org.bouncycastle/bcprov-jdk14@1.0
Tags	Ghost

Next non-vulnerable version	1.78
Latest non-vulnerable version	1.78
Risk	3.1

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-rary-mqyu-2yes Aliases: CVE-2025-8885 GHSA-67mf-3cr5-8w23	Bouncy Castle for Java on All (API modules) allows Excessive Allocation A resource allocation vulnerability exists in Bouncy Castle for Java (by Legion of the Bouncy Castle Inc.) that affects all API modules. The vulnerability allows attackers to cause excessive memory allocation through unbounded resource consumption, potentially leading to denial of service. The issue is located in the ASN1ObjectIdentifier.java file in the core module. This issue affects Bouncy Castle for Java: from BC 1.0 through 1.77, from BC-FJA 1.0.0 through 2.0.0.	1.78 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-07T04:58:23.635584+00:00	GHSA Importer	Affected by	VCID-rary-mqyu-2yes	https://github.com/advisories/GHSA-67mf-3cr5-8w23	38.1.0
2026-04-02T12:41:52.327571+00:00	GitLab Importer	Affected by	VCID-rary-mqyu-2yes	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcprov-jdk14/CVE-2025-8885.yml	38.0.0