The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in 1.64.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bouncycastle legion-of-the-bouncy-castle-java-crytography-api 1.63 |
||
apache tomee 7.0.7 |
||
apache tomee 7.1.2 |
||
apache tomee 8.0.1 |
||
netapp active iq unified manager |
||
netapp oncommand api services - |
||
netapp oncommand workflow automation - |
||
netapp service level manager - |
||
oracle business process management suite 12.2.1.3.0 |
||
oracle business process management suite 12.2.1.4.0 |
||
oracle communications convergence |
||
oracle communications diameter signaling router |
||
oracle communications session route manager |
||
oracle data integrator 12.2.1.4.0 |
||
oracle financial services analytical applications infrastructure |
||
oracle flexcube private banking 12.0.0 |
||
oracle flexcube private banking 12.1.0 |
||
oracle hospitality guest access 4.2.0 |
||
oracle managed file transfer 12.2.1.3.0 |
||
oracle managed file transfer 12.2.1.4.0 |
||
oracle peoplesoft enterprise hcm global payroll switzerland 9.2 |
||
oracle peoplesoft enterprise peopletools 8.56 |
||
oracle peoplesoft enterprise peopletools 8.57 |
||
oracle peoplesoft enterprise peopletools 8.58 |
||
oracle retail xstore point of service 18.0.1 |
||
oracle soa suite 12.2.1.3.0 |
||
oracle soa suite 12.2.1.4.0 |
||
oracle webcenter portal 11.1.1.9.0 |
||
oracle webcenter portal 12.2.1.3.0 |
||
oracle webcenter portal 12.2.1.4.0 |
||
oracle weblogic server 12.2.1.3.0 |
||
oracle weblogic server 12.2.1.4.0 |