Debian Php-Phpseclib vulnerabilities

6 known vulnerabilities affecting debian/php-phpseclib.

Total CVEs

6

CISA KEV

0

Public exploits

1

Exploited in wild

0

Severity breakdown

HIGH5MEDIUM1

Vulnerabilities

Page 1 of 1

CVE-2026-32935HIGHCVSS 8.2fixed in php-phpseclib 2.0.42-1+deb12u3 (bookworm)2026

CVE-2026-32935 [HIGH] CVE-2026-32935: php-phpseclib - phpseclib is a PHP secure communications library. Projects using versions 1.0.26... phpseclib is a PHP secure communications library. Projects using versions 1.0.26 and below, 2.0.0 through 2.0.51, and 3.0.0 through 3.0.49 are vulnerable to a to padding oracle timing attack when using AES in CBC mode. This issue has been fixed in versions 1.0.27, 2.0.52 and 3.0.50. Scope: local bookworm: resolved (fixed in 2.0.42-1+deb12u3) bullseye: open for

CVE-2024-27355HIGHCVSS 7.5fixed in php-phpseclib 2.0.42-1+deb12u2 (bookworm)2024

CVE-2024-27355 [HIGH] CVE-2024-27355: php-phpseclib - An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3... An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3.x before 3.0.36. When processing the ASN.1 object identifier of a certificate, a sub identifier may be provided that leads to a denial of service (CPU consumption for decodeOID). Scope: local bookworm: resolved (fixed in 2.0.42-1+deb12u2) bullseye: resolved (fixed in 2.0.30-2+deb1

CVE-2024-27354HIGHCVSS 7.5fixed in php-phpseclib 2.0.42-1+deb12u2 (bookworm)2024

CVE-2024-27354 [HIGH] CVE-2024-27354: php-phpseclib - An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3... An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3.x before 3.0.36. An attacker can construct a malformed certificate containing an extremely large prime to cause a denial of service (CPU consumption for an isPrime primality check). NOTE: this issue was introduced when attempting to fix CVE-2023-27560. Scope: local bookworm: resol

CVE-2023-52892HIGHCVSS 7.5fixed in php-phpseclib 2.0.42-1+deb12u3 (bookworm)2023

CVE-2023-52892 [HIGH] CVE-2023-52892: php-phpseclib - In phpseclib before 1.0.22, 2.x before 2.0.46, and 3.x before 3.0.33, some chara... In phpseclib before 1.0.22, 2.x before 2.0.46, and 3.x before 3.0.33, some characters in Subject Alternative Name fields in TLS certificates are incorrectly allowed to have a special meaning in regular expressions (such as a + wildcard), leading to name confusion in X.509 certificate host verification. Scope: local bookworm: resolved (fixed in 2.0.42-1+deb12u3

CVE-2023-48795MEDIUMCVSS 5.9PoCfixed in dropbear 2022.83-1+deb12u1 (bookworm)2023

CVE-2023-48795 [MEDIUM] CVE-2023-48795: dropbear - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH bef... The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabl

CVE-2021-30130HIGHCVSS 7.5fixed in php-phpseclib 2.0.30-2 (bookworm)2021

CVE-2021-30130 [HIGH] CVE-2021-30130: php-phpseclib - phpseclib before 2.0.31 and 3.x before 3.0.7 mishandles RSA PKCS#1 v1.5 signatur... phpseclib before 2.0.31 and 3.x before 3.0.7 mishandles RSA PKCS#1 v1.5 signature verification. Scope: local bookworm: resolved (fixed in 2.0.30-2) bullseye: resolved (fixed in 2.0.30-2) forky: resolved (fixed in 2.0.30-2) sid: resolved (fixed in 2.0.30-2) trixie: resolved (fixed in 2.0.30-2)