bouncycastle: BC-JAVA: unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion
A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcpg. A specially crafted PGP AEAD Authenticated Encryption with Associated Data message with an unbounded chunk size can lead to an excessive consumption of memory. This issue allows an unauthenticated remote attacker to cause memory...