org.bouncycastle: bcprov is vulnerable to Denial of Service (DoS). The vulnerability arises due to parsing certificates in the PEMParser class. This class is responsible for parsing X.509 certificates, encoded keys and PKCS7 objects. The parser can throw an OutOfMemoryError
while parsing crafted ASN.1 data which can ultimately lead to a DoS.
CPE | Name | Operator | Version |
---|---|---|---|
bouncy castle provider | le | 1.72 | |
bouncy castle provider | le | 1.70 | |
bouncy castle provider | le | 1.72 | |
bouncy castle provider | le | 1.70 |