Description

The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in 1.64.

Remediation

References

CVE-2019-17359

Related Vulnerabilities

Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33945)

GeoServer Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-36401)

WordPress Other Vulnerability (CVE-2007-0107)

WordPress Plugin Meta Slider and Carousel with Lightbox Cross-Site Request Forgery (1.6.2)

Jenkins Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2024-43044)

Severity

High

Classification

CVE-2019-17359 CWE-770 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities