The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in 1.64.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
07 Nov 2023, 03:06
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2019-10-08 14:15
Updated : 2024-02-28 17:28
NVD link : CVE-2019-17359
Mitre link : CVE-2019-17359
CVE.ORG link : CVE-2019-17359
JSON object : View
Products Affected
oracle
- communications_diameter_signaling_router
- peoplesoft_enterprise_hcm_global_payroll_switzerland
- retail_xstore_point_of_service
- flexcube_private_banking
- soa_suite
- managed_file_transfer
- data_integrator
- business_process_management_suite
- communications_convergence
- hospitality_guest_access
- financial_services_analytical_applications_infrastructure
- peoplesoft_enterprise_peopletools
- communications_session_route_manager
- weblogic_server
- webcenter_portal
netapp
- oncommand_api_services
- service_level_manager
- active_iq_unified_manager
- oncommand_workflow_automation
bouncycastle
- legion-of-the-bouncy-castle-java-crytography-api
apache
- tomee
CWE
CWE-770
Allocation of Resources Without Limits or Throttling