VulnerableCode Package Details - pkg:maven/org.bouncycastle/bcpkix-jdk14@1.61

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/org.bouncycastle/bcpkix-jdk14@1.61

purl	pkg:maven/org.bouncycastle/bcpkix-jdk14@1.61

Next non-vulnerable version	1.73
Latest non-vulnerable version	1.78
Risk	3.1

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-sz15-payv-uyab Aliases: CVE-2023-33202 GHSA-wjxj-5m7g-mg7q	Uncontrolled Resource Consumption Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack.	1.73 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T22:43:54.548416+00:00	GitLab Importer	Affected by	VCID-sz15-payv-uyab	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcpkix-jdk14/CVE-2023-33202.yml	38.4.0
2026-04-12T00:03:30.076077+00:00	GitLab Importer	Affected by	VCID-sz15-payv-uyab	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcpkix-jdk14/CVE-2023-33202.yml	38.3.0
2026-04-03T00:08:11.034779+00:00	GitLab Importer	Affected by	VCID-sz15-payv-uyab	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.bouncycastle/bcpkix-jdk14/CVE-2023-33202.yml	38.1.0