CVE-2025-14813

EUVD-2025-209467
: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (core modules).

 This vulnerability is associated with program files G3413CTRBlockCipher.



This issue affects BC-JAVA: from 1.59 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 23%
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
bouncycastle
Amazon Linux 2023
0:1.70-4.amzn2023.0.6
fixed
bouncycastle-javadoc
Amazon Linux 2023
0:1.70-4.amzn2023.0.6
fixed
bouncycastle-mail
Amazon Linux 2023
0:1.70-4.amzn2023.0.6
fixed
bouncycastle-pg
Amazon Linux 2023
0:1.70-4.amzn2023.0.6
fixed
bouncycastle-pkix
Amazon Linux 2023
0:1.70-4.amzn2023.0.6
fixed
bouncycastle-tls
Amazon Linux 2023
0:1.70-4.amzn2023.0.6
fixed
bouncycastle-util
Amazon Linux 2023
0:1.70-4.amzn2023.0.6
fixed