API - API Security Blog

EUVD-2025-25504

Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules) allows Excessive Allocation. This vulnerability is associat ...

August 22, 2025

EUVD-2025-25505

Out-of-bounds Write vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bc-fips on All (API modules). This vulnerability is associated with program files org/bouncycastle/jcajce/p ...

August 22, 2025

MAL-2025-41268 Malicious code in api-react125 (npm)

-= Per source details. Do not edit below this line.=- Source: ossf-package-analysis (d2f6ad3f3d48477a940b0ade2ae623d9001486fb2dee5c4f448fa429a9165879) The OpenSSF Package Analysis project identified & ...

August 22, 2025

MAL-2025-41267 Malicious code in api-react12 (npm)

-= Per source details. Do not edit below this line.=- Source: ossf-package-analysis (374907a2a16eece2c53ad49cdf418645492c72660b5bf4ae22a0ce80d08145d9) The OpenSSF Package Analysis project identified & ...

August 22, 2025

Fedora: Security Advisory (FEDORA-2025-1e9ad724f8)

The remote host is missing an update for...Read More ...

August 22, 2025

Fedora: Security Advisory (FEDORA-2025-92719fd556)

The remote host is missing an update for...Read More ...

August 22, 2025

CVE-2025-9341 Garbage collection can delay for AES CBC Native support, resulting in heap exhaustion

Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules) allows Excessive Allocation. This vulnerability is associat ...

August 22, 2025

CVE-2025-9340 native encrypt/decrypt operations in JCE may corrupt data if same byte array used for input and output.

Out-of-bounds Write vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bc-fips on All (API modules). This vulnerability is associated with program files org/bouncycastle/jcajce/p ...

August 22, 2025