VulnerableCode Package Details - pkg:maven/org.bouncycastle/bcpkix-fips@2.0.0

Search for packages

Package details: pkg:maven/org.bouncycastle/bcpkix-fips@2.0.0

Essentials
History (1)

purl	pkg:maven/org.bouncycastle/bcpkix-fips@2.0.0
Tags	Ghost

Next non-vulnerable version	2.0.8
Latest non-vulnerable version	2.0.8
Risk	3.1

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-444n-c8c9-u3ek Aliases: CVE-2025-8916 GHSA-4cx2-fc23-5wg6	Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bcpkix, bcprov, bcpkix-fips on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertP... https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertPathReviewer.java , https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathRevi... https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.java . This issue affects Bouncy Castle for Java: from BC 1.44 through 1.78, from BCPKIX FIPS 1.0.0 through 1.0.7, from BCPKIX FIPS 2.0.0 through 2.0.7.	2.0.8 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-14T12:45:22.670076+00:00	GHSA Importer	Affected by	VCID-444n-c8c9-u3ek	https://github.com/advisories/GHSA-4cx2-fc23-5wg6	37.0.0