CVE-2025-9341

Published: Aug 22, 2025

Modified: Oct 24, 2025

PUBLISHED

Description

Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files org/bouncycastle/crypto/fips/AESNativeCBC.Java, org/bouncycastle/crypto/engines/AESNativeCBC.Java. This issue affects Bouncy Castle for Java FIPS: 2.1.0; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7.

Vendor	Product	Versions
Legion of the Bouncy Castle Inc.	Bouncy Castle for Java FIPS	affected `2.1.0`
Legion of the Bouncy Castle Inc.	Bouncy Castle for Java LTS	affected `2.73.0 - <= 2.73.7`

Weaknesses (CWE)

CWE-400

References

https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%909341

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-9341

Description

Affected Products

Weaknesses (CWE)

References