21Eki
how to check usages of a class method in open source code
I detected in a codeline usage of a bouncy castle that is vulnerable to the cve CVE-2023-33201.
The CVE seems to come from the guilty class X509LDAPCertStoreSpi.java, and in specific the method search().
In the codeline I am testing, there is no direct usage of this class or method.
Now I want to see if the method X509LDAPCertStoreSpi.search() is used somewhere inside the bouncy castle to see if it is indirectly called. Any idea how to achieve this? and is this the right way to analyze exploitability?
