New: Corgea AI Pentesting — autonomous penetration testing in hours, not weeks
HIGH 7.5 Maven

Out-of-Memory Error in Bouncy Castle Crypto

GHSA-2mh8-gx2m-mr75 · CVE-2019-17359

Published · Modified

Description

The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in 1.64.

References

Ready to move

Start Securing

Free, no credit card | First findings in minutes