CVE-2025-14813
ADVISORY - githubSummary
The GOST 28147-2015 CTR mode implementation (G3413CTRBlockCipher) in the Legion of the Bouncy Castle BC-JAVA bcprov core module only increments the final byte of the counter, so the counter wraps after 255 blocks and the keystream is reused. Reusing CTR keystream allows an attacker who can observe two ciphertexts produced with the same key/IV to recover the XOR of the plaintexts, breaking confidentiality. Affects BC-JAVA from 1.59 before 1.84 (with backported fixes in 1.80.2 and 1.81.1).
EPSS Score: 0.00313 (0.232)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Use of a Broken or Risky Cryptographic Algorithm
ADVISORY - github
Reusing a Nonce, Key Pair in Encryption
Sign in to Docker Scout
See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.
Sign in