CVE-2025-8885

Published: Aug 12, 2025

Modified: Sep 12, 2025

PUBLISHED

Description

Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcprov on All (API modules), Legion of the Bouncy Castle Inc. BC-FJA bc-fips on All allows Excessive Allocation. This vulnerability is associated with program files https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdenti... https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.Java . This issue affects BC Java: from 1.0 through 1.77; BC-FJA: from 1.0.0 through 1.0.2.5, from 2.0.0 through 2.0.1.

Vendor	Product	Versions
Legion of the Bouncy Castle Inc.	BC Java	affected `1.0 - <= 1.77`
Legion of the Bouncy Castle Inc.	BC-FJA	affected `1.0.0 - <= 1.0.2.5` affected `2.0.0 - <= 2.0.1`

Weaknesses (CWE)

CWE-770

References

https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908885

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-8885

Description

Affected Products

Weaknesses (CWE)

References