CVE-2025-8916

Possible DOS in processing large name constraint structures in PKIXCertPathReveiwer

CVSS 6.3 MEDIUMEPSS 0.4%CWE-770

Vexday Risk Score

13Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 6.3EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

13 ago 2025Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All (API modules), Legion of the Bouncy Castle Inc. BC Java bcprov on All (API modules), Legion of the Bouncy Castle Inc. BCPKIX FIPS bcpkix-fips on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertPathReviewer.Java, https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.Java. This issue affects BC Java: from 1.44 through 1.78; BC Java: from 1.44 through 1.78; BCPKIX FIPS: from 1.0.0 through 1.0.7, from 2.0.0 through 2.0.7.

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber

Produtos afetados

Legion of the Bouncy Castle Inc. · BC Java Legion of the Bouncy Castle Inc. · BCPKIX FIPS

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://cert-portal.siemens.com/productcert/html/ssa-032379.html https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908916