
GitHub Advisory Database: GHSA-FF7Q-6VWH-V9M4
Published: Jun 28, 2024 - 12:33 a.m.

Name confusion in x509 Subject Alternative Name fields

CWE: CWE-436 (Interpretation Conflict)
Source: GitHub Advisory Database (github.com)
Tags: phpseclib, x509, tls certificates, regular expressions, name confusion, host verification

CVSS 3.1 base score: 7.5 (High)
  Attack Vector: NETWORK
  Attack Complexity: LOW
  Privileges Required: NONE
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: HIGH
  Integrity Impact: NONE
  Availability Impact: NONE
  Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score: 6.7 (confidence: High)

In phpseclib before 1.0.22, 2.x before 2.0.46, and 3.x before 3.0.33, characters in the Subject Alternative Name (SAN) fields of TLS certificates are incorrectly allowed to keep their special meaning in regular expressions (for example the + quantifier) when the name is turned into a matching pattern. A SAN is therefore matched as a regular expression rather than as a literal hostname with an optional wildcard, leading to name confusion in X.509 certificate host verification: a certificate can be accepted for hostnames it does not actually name. Fixed in 1.0.22, 2.0.46 and 3.0.33.
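The bug class described above, shown as an added illustration in Python (this is not phpseclib's code, and the SAN strings and hostnames are constructed for the example; `+` and `?` are not legal in DNS hostnames, which is exactly why a verifier must treat them as literals). The vulnerable matcher escapes only the dot and rewrites `*` into a single-label wildcard, so every other regex metacharacter in the SAN stays live and a certificate naming `sub+domain.example.com` is accepted for `subdomain.example.com`. The hardened variant quotes the whole SAN first and then re-enables only the wildcard.

```python
import re

# Illustrative reconstruction of the bug class, not phpseclib's own code.
# The vulnerable matcher escapes only '.', then rewrites '*' into a
# single-label wildcard. Any other regex metacharacter that appears in
# the SAN ('+', '?', '|', '(', ...) keeps its regex meaning.
def match_san_vulnerable(san: str, host: str) -> bool:
    pattern = san.replace(".", r"\.").replace("*", "[^.]*")
    return re.fullmatch(pattern, host, re.IGNORECASE) is not None

# Hardened matcher: quote the entire SAN as a literal first, then turn
# the (now escaped) wildcard back into a single-label wildcard.
def match_san_hardened(san: str, host: str) -> bool:
    pattern = re.escape(san).replace(r"\*", "[^.]*")
    return re.fullmatch(pattern, host, re.IGNORECASE) is not None

# Constructed cases: (SAN dNSName value, hostname being verified).
CASES = [
    ("*.example.com", "www.example.com"),                  # legitimate wildcard
    ("*.example.com", "a.b.example.com"),                  # wildcard must not span labels
    ("sub+domain.example.com", "subdomain.example.com"),   # '+' read as a quantifier
    ("sub+domain.example.com", "sub+domain.example.com"),  # the literal SAN itself
    ("login?.example.com", "logi.example.com"),            # '?' makes the 'n' optional
]

def compare(san: str, host: str) -> tuple:
    """Return (vulnerable_result, hardened_result) for one SAN/host pair."""
    return match_san_vulnerable(san, host), match_san_hardened(san, host)

if __name__ == "__main__":
    for san, host in CASES:
        vuln, hard = compare(san, host)
        flag = "  <-- name confusion" if vuln != hard else ""
        print(f"SAN {san!r:26} host {host!r:26} "
              f"vulnerable={vuln!s:5} hardened={hard!s:5}{flag}")
```

Note that the vulnerable matcher also rejects the exact name it was issued for (`sub+domain.example.com`), because the `+` is consumed as a quantifier; the hardened matcher restores literal matching while keeping the conventional single-label `*` wildcard.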

Affected configurations (Vulners)

Package               Affected range
phpseclib/phpseclib   >= 3.0.0, < 3.0.33
phpseclib/phpseclib   >= 2.0.0, < 2.0.46
phpseclib/phpseclib   < 1.0.22

Vendor      Product     Version   CPE
phpseclib   phpseclib   *         cpe:2.3:a:phpseclib:phpseclib:*:*:*:*:*:*:*:*
