CVE-2019-17359
published 2019-10-08CVE-2019-17359: The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in 1.64.
Affected
31 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | tomee | — | — |
| apache | tomee | — | — |
| apache | tomee | — | — |
| bouncycastle | bc-java | — | — |
| debian | bouncycastle | — | — |
| netapp | active_iq_unified_manager | >= 7.3 | — |
| netapp | active_iq_unified_manager | >= 9.5 | — |
| oracle | business_process_management_suite | — | — |
| oracle | business_process_management_suite | — | — |
| oracle | communications_convergence | 3.0.1.0 – 3.0.2.1 | — |
| oracle | communications_diameter_signaling_router | 8.0.0 – 8.2.2 | — |
| oracle | communications_session_route_manager | 8.2.0 – 8.2.2 | — |
| oracle | data_integrator | — | — |
| oracle | financial_services_analytical_applications_infrastructure | 8.0.6 – 8.0.9 | — |
| oracle | flexcube_private_banking | — | — |
| oracle | flexcube_private_banking | — | — |
| oracle | hospitality_guest_access | — | — |
| oracle | managed_file_transfer | — | — |
| oracle | managed_file_transfer | — | — |
| oracle | peoplesoft_enterprise_hcm_global_payroll_switzerland | — | — |
| oracle | peoplesoft_enterprise_peopletools | — | — |
| oracle | peoplesoft_enterprise_peopletools | — | — |
| oracle | peoplesoft_enterprise_peopletools | — | — |
| oracle | retail_xstore_point_of_service | — | — |
| oracle | soa_suite | — | — |