Description
The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in 1.64.
Remediation
References
Related Vulnerabilities
Atlassian Jira Other Vulnerability (CVE-2006-3339)
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11111)
WordPress 3.6 Multiple Vulnerabilities (2.0 - 3.6)
Nginx Uncontrolled Resource Consumption Vulnerability (CVE-2018-16843)
WordPress Plugin Greenshift-animation and page builder blocks Cross-Site Scripting (4.8.8)