Search for packages
Package details: pkg:maven/org.bouncycastle/bcpkix-fips@1.0.6
purl pkg:maven/org.bouncycastle/bcpkix-fips@1.0.6
Next non-vulnerable version 2.0.8
Latest non-vulnerable version 2.0.8
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-444n-c8c9-u3ek
Aliases:
CVE-2025-8916
GHSA-4cx2-fc23-5wg6
Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bcpkix, bcprov, bcpkix-fips on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertP... https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertPathReviewer.java , https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathRevi... https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.java . This issue affects Bouncy Castle for Java: from BC 1.44 through 1.78, from BCPKIX FIPS 1.0.0 through 1.0.7, from BCPKIX FIPS 2.0.0 through 2.0.7.
1.0.8
Affected by 0 other vulnerabilities.
2.0.8
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-09-13T15:36:20.113156+00:00 GitLab Importer Affected by VCID-444n-c8c9-u3ek https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcpkix-fips/CVE-2025-8916.yml 37.0.0