VulnerableCode Package Details - pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.79

Search for packages

Package details: pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.79

Essentials
History (2)

purl	pkg:maven/org.bouncycastle/bcpkix-jdk15to18@1.79

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-444n-c8c9-u3ek	Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bcpkix, bcprov, bcpkix-fips on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertP... https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertPathReviewer.java , https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathRevi... https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.java . This issue affects Bouncy Castle for Java: from BC 1.44 through 1.78, from BCPKIX FIPS 1.0.0 through 1.0.7, from BCPKIX FIPS 2.0.0 through 2.0.7.	CVE-2025-8916 GHSA-4cx2-fc23-5wg6

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-14T12:45:22.596044+00:00	GHSA Importer	Fixing	VCID-444n-c8c9-u3ek	https://github.com/advisories/GHSA-4cx2-fc23-5wg6	37.0.0
2025-08-14T09:13:50.262423+00:00	GithubOSV Importer	Fixing	VCID-444n-c8c9-u3ek	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/08/GHSA-4cx2-fc23-5wg6/GHSA-4cx2-fc23-5wg6.json	37.0.0