| CVE-2023-49316 |
high |
— |
8.0 |
|
|
|
26d ago |
Phpseclib needs guardrails on large binaryfield integers |
| CVE-2024-27355 |
high |
— |
8.0 |
|
|
|
26d ago |
phpseclib guardrails needed on OID length |
| CVE-2024-27354 |
high |
— |
8.0 |
|
|
|
28d ago |
phpseclib: guardrails needed on isPrime and randomPrime |
| CVE-2026-44167 |
high |
7.5 |
7.5 |
|
|
|
29d ago |
phpseclib has a CVE-2024-27355 mitigation bypass — OID amplification DoS in ASN1::decodeOID() |
| CVE-2026-32935 |
medium |
5.9 |
5.9 |
|
|
|
3mo ago |
phpseclib's AES-CBC unpadding susceptible to padding oracle timing attack |
| CVE-2026-40194 |
low |
3.7 |
3.7 |
|
|
|
2mo ago |
phpseclib has a variable-time HMAC comparison in SSH2::get_binary_packet() using != instead of hash_equals() |
| CVE-2023-52892 |
unknown |
— |
— |
|
|
|
2y ago |
In phpseclib before 1.0.22, 2.x before 2.0.46, and 3.x before 3.0.33, some characters in Subject Alternative Name fields in TLS certificates are incorrectly allowed to have a special meaning in regul… |
| CVE-2023-27560 |
unknown |
— |
— |
|
|
|
3y ago |
phpseclib Infinite Loop vulnerability |
| CVE-2021-30130 |
unknown |
— |
— |
|
|
|
5y ago |
Improper Certificate Validation in phpseclib |
