bouncycastle vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the bouncycastle package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
L CVE-2025-12194	*
L CVE-2025-8916	<1.80-1
L CVE-2025-8885	<1.80-1
L CVE-2024-34447	<1.80-1
L CVE-2024-30172	<1.80-1
L CVE-2024-29857	<1.80-1
L CVE-2024-30171	<1.80-1
M Resource Exhaustion	<1.77-1
M Improper Certificate Validation	<1.77-1
M Race Condition	<1.68-1
H CVE-2020-28052	<1.65-2
M Information Exposure	<1.61-1
L Deserialization of Untrusted Data	<1.60-1
H Use of a Broken or Risky Cryptographic Algorithm	<1.59-2
M Time and State	<1.56-1
H Cryptographic Issues	<1.56-1
L Key Management Errors	<1.56-1
H Cryptographic Issues	<1.56-1
H Cryptographic Issues	<1.56-1
M Time and State	<1.56-1
H Improper Data Handling	<1.56-1
H Improper Verification of Cryptographic Signature	<1.56-1
M Cryptographic Issues	<1.56-1
H Improper Verification of Cryptographic Signature	<1.56-1
M Improper Validation of Integrity Check Value	<1.48+dfsg-2
M Information Exposure	<1.58-1
L Information Exposure	<1.54-1
M Cryptographic Issues	<1.51-1
L Cryptographic Issues	<1.48+dfsg-2
L Cryptographic Issues	<1.48+dfsg-2
M Improper Input Validation	<1.49+dfsg-1
C CVE-2007-6721	<1.38-1