Vulnerabilidades em Legion of the Bouncy Castle Inc.
12 resultadosCVE-2026-5598HIGHNon-constant time comparisons risk private key leakage in FrodoKEM.EPSS 0.5%CVE-2025-8885MEDIUMPossible DOS in processing specially formed ASN.1 Object IdentifiersEPSS 0.5%CVE-2026-0636MEDIUMLDAP Injection Vulnerability in LDAPStoreHelper.javaEPSS 0.5%CVE-2025-8916MEDIUMPossible DOS in processing large name constraint structures in PKIXCertPathReveiwerEPSS 0.4%CVE-2026-3505HIGHUnbounded PGP AEAD chunk size leads to pre-auth resource exhaustion.EPSS 0.4%CVE-2026-5588MEDIUMPKIX draft CompositeVerifier accepts empty signature sequence as valid.EPSS 0.3%CVE-2026-8149MEDIUMGCM chunking can lead to bad tag exception on decryptionEPSS 0.2%CVE-2025-9340NONEnative encrypt/decrypt operations in JCE may corrupt data if same byte array used for input and output.EPSS 0.2%CVE-2025-9341MEDIUMGarbage collection can delay for AES CBC Native support, resulting in heap exhaustionEPSS 0.1%CVE-2025-12194MEDIUMUncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules)EPSS 0.1%CVE-2025-9092LOWHybrid Module Deployment in Multi-JVM Environments Leading to Resource ExhaustionEPSS 0.1%CVE-2025-14813CRITICALGOSTCTR implementation unable to process more than 255 blocks correctlyEPSS 0.1%