Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.bouncycastle/bctls-jdk14@1.61
Typemaven
Namespaceorg.bouncycastle
Namebctls-jdk14
Version1.61
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.78
Latest_non_vulnerable_version1.78
Affected_by_vulnerabilities
0
url VCID-2j9r-6zbp-m3bz
vulnerability_id VCID-2j9r-6zbp-m3bz
summary 
Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")
An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30171.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30171.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-30171
reference_id
reference_type
scores
0
value 0.00102
scoring_system epss
scoring_elements 0.28037
published_at 2026-04-13T12:55:00Z
1
value 0.00102
scoring_system epss
scoring_elements 0.28131
published_at 2026-04-09T12:55:00Z
2
value 0.00102
scoring_system epss
scoring_elements 0.28137
published_at 2026-04-11T12:55:00Z
3
value 0.00102
scoring_system epss
scoring_elements 0.28094
published_at 2026-04-12T12:55:00Z
4
value 0.00105
scoring_system epss
scoring_elements 0.28535
published_at 2026-04-07T12:55:00Z
5
value 0.00105
scoring_system epss
scoring_elements 0.2868
published_at 2026-04-02T12:55:00Z
6
value 0.00105
scoring_system epss
scoring_elements 0.2873
published_at 2026-04-04T12:55:00Z
7
value 0.00105
scoring_system epss
scoring_elements 0.28601
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-30171
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30171
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30171
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/bcgit/bc-csharp/commit/c984b8bfd8544dfc55dba91a02cbbbb9c580c217
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-csharp/commit/c984b8bfd8544dfc55dba91a02cbbbb9c580c217
5
reference_url https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030171
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:18:15Z/
url https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030171
6
reference_url https://github.com/bcgit/bc-java/commit/d7d5e735abd64bf0f413f54fd9e495fc02400fb0
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/d7d5e735abd64bf0f413f54fd9e495fc02400fb0
7
reference_url https://github.com/bcgit/bc-java/commit/e0569dcb1dea9d421d84fc4c5c5688fe101afa2d
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/e0569dcb1dea9d421d84fc4c5c5688fe101afa2d
8
reference_url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030171
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:18:15Z/
url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030171
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-30171
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-30171
10
reference_url https://security.netapp.com/advisory/ntap-20240614-0008
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240614-0008
11
reference_url https://www.bouncycastle.org/latest_releases.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:18:15Z/
url https://www.bouncycastle.org/latest_releases.html
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655
reference_id 1070655
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2276360
reference_id 2276360
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2276360
14
reference_url https://github.com/advisories/GHSA-v435-xc8x-wvr9
reference_id GHSA-v435-xc8x-wvr9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v435-xc8x-wvr9
15
reference_url https://security.netapp.com/advisory/ntap-20240614-0008/
reference_id ntap-20240614-0008
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:18:15Z/
url https://security.netapp.com/advisory/ntap-20240614-0008/
16
reference_url https://access.redhat.com/errata/RHSA-2024:4173
reference_id RHSA-2024:4173
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4173
17
reference_url https://access.redhat.com/errata/RHSA-2024:4271
reference_id RHSA-2024:4271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4271
18
reference_url https://access.redhat.com/errata/RHSA-2024:4326
reference_id RHSA-2024:4326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4326
19
reference_url https://access.redhat.com/errata/RHSA-2024:4505
reference_id RHSA-2024:4505
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4505
20
reference_url https://access.redhat.com/errata/RHSA-2024:5479
reference_id RHSA-2024:5479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5479
21
reference_url https://access.redhat.com/errata/RHSA-2024:5481
reference_id RHSA-2024:5481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5481
22
reference_url https://access.redhat.com/errata/RHSA-2024:5482
reference_id RHSA-2024:5482
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5482
23
reference_url https://usn.ubuntu.com/8108-1/
reference_id USN-8108-1
reference_type
scores
url https://usn.ubuntu.com/8108-1/
fixed_packages
0
url pkg:maven/org.bouncycastle/bctls-jdk14@1.78
purl pkg:maven/org.bouncycastle/bctls-jdk14@1.78
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bctls-jdk14@1.78
aliases CVE-2024-30171, GHSA-v435-xc8x-wvr9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2j9r-6zbp-m3bz
1
url VCID-4rs8-tp92-p7ck
vulnerability_id VCID-4rs8-tp92-p7ck
summary 
Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.
An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29857.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29857.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-29857
reference_id
reference_type
scores
0
value 0.00191
scoring_system epss
scoring_elements 0.40999
published_at 2026-04-02T12:55:00Z
1
value 0.00191
scoring_system epss
scoring_elements 0.41005
published_at 2026-04-08T12:55:00Z
2
value 0.00191
scoring_system epss
scoring_elements 0.40956
published_at 2026-04-07T12:55:00Z
3
value 0.00191
scoring_system epss
scoring_elements 0.41031
published_at 2026-04-04T12:55:00Z
4
value 0.00252
scoring_system epss
scoring_elements 0.48553
published_at 2026-04-09T12:55:00Z
5
value 0.00252
scoring_system epss
scoring_elements 0.4856
published_at 2026-04-13T12:55:00Z
6
value 0.00252
scoring_system epss
scoring_elements 0.48547
published_at 2026-04-12T12:55:00Z
7
value 0.00252
scoring_system epss
scoring_elements 0.48574
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-29857
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29857
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29857
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/bcgit/bc-csharp/commit/56daa6eac526f165416d17f661422d60de0dfd63
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-csharp/commit/56daa6eac526f165416d17f661422d60de0dfd63
5
reference_url https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T19:32:50Z/
url https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857
6
reference_url https://github.com/bcgit/bc-java/commit/efc498ca4caa340ac2fe11f2efee06c1a294501f
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/efc498ca4caa340ac2fe11f2efee06c1a294501f
7
reference_url https://github.com/bcgit/bc-java/commit/fee80dd230e7fba132d03a34f1dd1d6aae0d0281
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/fee80dd230e7fba132d03a34f1dd1d6aae0d0281
8
reference_url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T19:32:50Z/
url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-29857
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-29857
10
reference_url https://security.netapp.com/advisory/ntap-20241206-0008
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20241206-0008
11
reference_url https://www.bouncycastle.org/latest_releases.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T19:32:50Z/
url https://www.bouncycastle.org/latest_releases.html
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655
reference_id 1070655
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070655
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2293028
reference_id 2293028
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2293028
14
reference_url https://github.com/advisories/GHSA-8xfc-gm6g-vgpv
reference_id GHSA-8xfc-gm6g-vgpv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8xfc-gm6g-vgpv
15
reference_url https://access.redhat.com/errata/RHSA-2024:4271
reference_id RHSA-2024:4271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4271
16
reference_url https://access.redhat.com/errata/RHSA-2024:4326
reference_id RHSA-2024:4326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4326
17
reference_url https://access.redhat.com/errata/RHSA-2024:4505
reference_id RHSA-2024:4505
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4505
18
reference_url https://access.redhat.com/errata/RHSA-2024:5479
reference_id RHSA-2024:5479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5479
19
reference_url https://access.redhat.com/errata/RHSA-2024:5481
reference_id RHSA-2024:5481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5481
20
reference_url https://access.redhat.com/errata/RHSA-2024:5482
reference_id RHSA-2024:5482
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5482
21
reference_url https://usn.ubuntu.com/8108-1/
reference_id USN-8108-1
reference_type
scores
url https://usn.ubuntu.com/8108-1/
fixed_packages
0
url pkg:maven/org.bouncycastle/bctls-jdk14@1.78
purl pkg:maven/org.bouncycastle/bctls-jdk14@1.78
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bctls-jdk14@1.78
aliases CVE-2024-29857, GHSA-8xfc-gm6g-vgpv
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4rs8-tp92-p7ck
2
url VCID-rary-mqyu-2yes
vulnerability_id VCID-rary-mqyu-2yes
summary 
Bouncy Castle for Java on All (API modules) allows Excessive Allocation
A resource allocation vulnerability exists in Bouncy Castle for Java (by Legion of the Bouncy Castle Inc.) that affects all API modules. The vulnerability allows attackers to cause excessive memory allocation through unbounded resource consumption, potentially leading to denial of service. The issue is located in the ASN1ObjectIdentifier.java file in the core module.

This issue affects Bouncy Castle for Java: from BC 1.0 through 1.77, from BC-FJA 1.0.0 through 2.0.0.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8885.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8885.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-8885
reference_id
reference_type
scores
0
value 0.00071
scoring_system epss
scoring_elements 0.21601
published_at 2026-04-13T12:55:00Z
1
value 0.00071
scoring_system epss
scoring_elements 0.21659
published_at 2026-04-12T12:55:00Z
2
value 0.00071
scoring_system epss
scoring_elements 0.21697
published_at 2026-04-11T12:55:00Z
3
value 0.00071
scoring_system epss
scoring_elements 0.21686
published_at 2026-04-09T12:55:00Z
4
value 0.00071
scoring_system epss
scoring_elements 0.21628
published_at 2026-04-08T12:55:00Z
5
value 0.00071
scoring_system epss
scoring_elements 0.21551
published_at 2026-04-07T12:55:00Z
6
value 0.00071
scoring_system epss
scoring_elements 0.218
published_at 2026-04-04T12:55:00Z
7
value 0.00071
scoring_system epss
scoring_elements 0.21745
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-8885
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8885
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8885
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/bcgit/bc-java
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java
5
reference_url https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java
6
reference_url https://github.com/bcgit/bc-java/commit/3790993df5d28f661a64439a8664343437ed3865
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/bcgit/bc-java/commit/3790993df5d28f661a64439a8664343437ed3865
7
reference_url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908885
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T18:14:28Z/
url https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908885
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-8885
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-8885
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2387790
reference_id 2387790
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2387790
10
reference_url https://github.com/advisories/GHSA-67mf-3cr5-8w23
reference_id GHSA-67mf-3cr5-8w23
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-67mf-3cr5-8w23
fixed_packages
0
url pkg:maven/org.bouncycastle/bctls-jdk14@1.78
purl pkg:maven/org.bouncycastle/bctls-jdk14@1.78
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bctls-jdk14@1.78
aliases CVE-2025-8885, GHSA-67mf-3cr5-8w23
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rary-mqyu-2yes
Fixing_vulnerabilities
Risk_score3.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.bouncycastle/bctls-jdk14@1.61