Описание
An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3.x before 3.0.36. An attacker can construct a malformed certificate containing an extremely large prime to cause a denial of service (CPU consumption for an isPrime primality check). NOTE: this issue was introduced when attempting to fix CVE-2023-27560.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | 2.0.47-1 |
| esm-apps/bionic | released | 2.0.9-1ubuntu0.1~esm2 |
| esm-apps/focal | released | 2.0.23-2ubuntu0.1~esm2 |
| esm-apps/jammy | released | 2.0.36-1ubuntu0.1~esm2 |
| esm-apps/noble | not-affected | 2.0.47-1 |
| esm-apps/xenial | released | 2.0.1-1ubuntu0.1~esm2 |
| focal | ignored | end of standard support, was needed |
| jammy | needed | |
| mantic | ignored | end of life, was needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | not-affected | 3.0.37-1 |
| esm-apps/jammy | released | 3.0.13-1ubuntu0.1~esm1 |
| esm-apps/noble | not-affected | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | needed | |
| mantic | ignored | end of life, was needs-triage |
| noble | not-affected | |
| oracular | not-affected | 3.0.37-1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | 1.0.23-1 |
| esm-apps/bionic | released | 1.0.9-1ubuntu0.1~esm1 |
| esm-apps/focal | released | 1.0.18-2ubuntu0.1~esm1 |
| esm-apps/jammy | released | 1.0.20-1ubuntu0.1~esm1 |
| esm-apps/noble | not-affected | 1.0.23-1 |
| esm-apps/xenial | released | 1.0.1-3ubuntu0.1+esm1 |
| focal | ignored | end of standard support, was needed |
| jammy | needed | |
| mantic | ignored | end of life, was needs-triage |
Показывать по
EPSS
7.5 High
CVSS3
Связанные уязвимости
An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3.x before 3.0.36. An attacker can construct a malformed certificate containing an extremely large prime to cause a denial of service (CPU consumption for an isPrime primality check). NOTE: this issue was introduced when attempting to fix CVE-2023-27560.
An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0 ...
phpseclib a large prime can cause a denial of service
EPSS
7.5 High
CVSS3