org.bouncycastle:bcprov-debug-jdk15to18 1.74 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the org.bouncycastle:bcprov-debug-jdk15to18 package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Allocation of Resources Without Limits or Throttling Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper processing of large name constraint structures in `PKIXCertPathReviewer`. An attacker can cause excessive resource allocation by submitting specially crafted ASN.1 objects, potentially leading to service disruption. How to fix Allocation of Resources Without Limits or Throttling? Upgrade `org.bouncycastle:bcprov-debug-jdk15to18` to version 1.79 or higher.	[,1.79)
M Allocation of Resources Without Limits or Throttling Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the `ASN1ObjectIdentifier`. An attacker can cause excessive resource consumption by submitting specially crafted ASN.1 Object Identifiers, potentially leading to service disruption. Note: This issue only applies to applications which do consume unvetted, or otherwise unvalidated, ASN.1 encodings. How to fix Allocation of Resources Without Limits or Throttling? Upgrade `org.bouncycastle:bcprov-debug-jdk15to18` to version 1.78 or higher.	[,1.78)

Vulnerability

Vulnerable Version

Allocation of Resources Without Limits or Throttling

Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper processing of large name constraint structures in PKIXCertPathReviewer. An attacker can cause excessive resource allocation by submitting specially crafted ASN.1 objects, potentially leading to service disruption.

How to fix Allocation of Resources Without Limits or Throttling?

Upgrade org.bouncycastle:bcprov-debug-jdk15to18 to version 1.79 or higher.

[,1.79)

Allocation of Resources Without Limits or Throttling

Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submitting specially crafted ASN.1 Object Identifiers, potentially leading to service disruption.

Note: This issue only applies to applications which do consume unvetted, or otherwise unvalidated, ASN.1 encodings.

How to fix Allocation of Resources Without Limits or Throttling?

Upgrade org.bouncycastle:bcprov-debug-jdk15to18 to version 1.78 or higher.

[,1.78)

org.bouncycastle:bcprov-debug-jdk15to18@1.74 vulnerabilities

latest version

latest non vulnerable version

first published

latest version published

licenses detected

package registry

Direct Vulnerabilities

How to fix?