Skip to content

Commit ce63f2c

Browse files
committed
1 parent e39f870 commit ce63f2c

1 file changed

Lines changed: 11 additions & 8 deletions

File tree

advisories/github-reviewed/2026/05/GHSA-mx76-r943-rf8g/GHSA-mx76-r943-rf8g.json

Lines changed: 11 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -7,32 +7,35 @@
77
"CVE-2026-8149"
88
],
99
"summary": "Bouncy Castle has a vulnerability in program files gcm128w, gcm512w",
10-
"details": "A vulnerability in Legion of the Bouncy Castle Inc. BC-FJA BC-FIPS on Linux, X86_64, AVX, AVX-512f.\n\nThis vulnerability is associated with program files gcm128w, gcm512w.\n\nThis issue affects BC-LTS: from 2.73.0 before 2.73.11",
10+
"details": "A vulnerability in Legion of the Bouncy Castle Inc. BC-LTS on Linux, X86_64, AVX, AVX-512f.\n\nThis vulnerability is associated with program files gcm128w, gcm512w.\n\nThis issue affects BC-LTS: from 2.73.0 before 2.73.11",
1111
"severity": [
1212
{
13-
"type": "CVSS_V3",
14-
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N"
13+
"type": "CVSS_V4",
14+
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"
1515
}
1616
],
1717
"affected": [
1818
{
1919
"package": {
2020
"ecosystem": "Maven",
21-
"name": "org.bouncycastle:bc-fips"
21+
"name": "org.bouncycastle:bctls-lts8on"
2222
},
2323
"ranges": [
2424
{
2525
"type": "ECOSYSTEM",
2626
"events": [
2727
{
28-
"introduced": "2.1.0"
28+
"introduced": "2.73.0"
2929
},
3030
{
31-
"last_affected": "2.1.2"
31+
"fixed": "2.73.11"
3232
}
3333
]
3434
}
35-
]
35+
],
36+
"database_specific": {
37+
"last_known_affected_version_range": "<= 2.73.10"
38+
}
3639
}
3740
],
3841
"references": [
@@ -49,7 +52,7 @@
4952
"cwe_ids": [
5053
"CWE-1068"
5154
],
52-
"severity": "LOW",
55+
"severity": "MODERATE",
5356
"github_reviewed": true,
5457
"github_reviewed_at": "2026-05-14T13:06:27Z",
5558
"nvd_published_at": "2026-05-08T07:16:29Z"

0 commit comments

Comments
 (0)