Vendor

Phpseclib

3 briefs RSS

phpseclib Library Vulnerable to Prime Number Generation Weakness

The phpseclib library has a vulnerability affecting prime number generation and primality testing, impacting versions >= 0.1.1 and < 1.0.23, >= 2.0.0 and < 2.0.47, and >= 3.0.0 and < 3.0.36, potentially leading to insecure cryptographic operations.

phpseclib/phpseclib cryptography vulnerability phpseclib prime_number

2r 1t May 7, 2024

medium advisory

phpseclib OID Amplification DoS Vulnerability

2 rules 1 TTP

A vulnerability exists in phpseclib when loading untrusted ASN1 files, potentially leading to an OID amplification denial-of-service (DoS) in the ASN1::decodeOID() function.

phpseclib +2 denial-of-service asn1

2r 1t May 6, 2024

high advisory

Phpseclib ASN.1 Integer Overflow Vulnerability (CVE-2023-49316)

2 rules 1 CVE

Phpseclib versions 3.0.0 before 3.0.34 are vulnerable to an integer overflow when loading untrusted ASN.1 files, such as X.509 certificates and RSA PKCS8 keys, potentially leading to denial of service or remote code execution.

phpseclib/phpseclib integer-overflow asn1 php CVE-2023-49316

2r 1c Jan 3, 2024