Security update for cacti (moderate)

openSUSE Security Update: Security update for cacti Announcement ID: openSUSE-SU-2026:0189-1 Rating: moderate References: Cross-References: CVE-2024-27355 Affected Products: openSUSE Backports SLE-15-SP7 An update that fixes one vulnerability is now available. Description: This update for cacti...

SUSE CVE-2024-27355

An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3.x before 3.0.36. When processing the ASN.1 object identifier of a certificate, a sub identifier may be provided that leads to a denial of service CPU consumption for decodeOID...

Linux Distros Unpatched Vulnerability : CVE-2026-44167

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files eg. X509 certificates, RSA PKCS8...

CVE-2026-44167

A flaw was found in phpseclib, a PHP secure communications library. This vulnerability allows a remote attacker to trigger a denial of service by providing specially crafted, untrusted ASN.1 Abstract Syntax Notation One files, such as X.509 certificates or RSA private/public keys. This issue is a...

CVE-2026-44167

phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files eg. X509 certificates, RSA PKCS8 private or public keys, etc. This is a bypass of CVE-2024-27355. This vulnerability is fixed in 1.0.29, 2.0.54, and 3.0.52...

DEBIAN-CVE-2026-44167

phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files eg. X509 certificates, RSA PKCS8 private or public keys, etc. This is a bypass of CVE-2024-27355. This vulnerability is fixed in 1.0.29, 2.0.54, and 3.0.52...

CVE-2026-44167

phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files eg. X509 certificates, RSA PKCS8 private or public keys, etc. This is a bypass of CVE-2024-27355. This vulnerability is fixed in 1.0.29, 2.0.54, and 3.0.52...

CVE-2026-44167 phpseclib: CVE-2024-27355 mitigation bypass — OID amplification DoS in ASN1::decodeOID()

phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files eg. X509 certificates, RSA PKCS8 private or public keys, etc. This is a bypass of CVE-2024-27355. This vulnerability is fixed in 1.0.29, 2.0.54, and 3.0.52...

CVE-2026-44167 phpseclib: CVE-2024-27355 mitigation bypass — OID amplification DoS in ASN1::decodeOID()

phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files eg. X509 certificates, RSA PKCS8 private or public keys, etc. This is a bypass of CVE-2024-27355. This vulnerability is fixed in 1.0.29, 2.0.54, and 3.0.52...

CVE-2026-44167

phpseclib contains a mitigation bypass for CVE-2024-27355 in the OID handling path (ASN1::decodeOID). Prior to versions 1.0.29, 2.0.54, and 3.0.52, loading untrusted ASN.1 data (e.g., X.509 certificates, RSA keys) could trigger a denial-of-service. The vulnerability is fixed in 1.0.29, 2.0.54, an...

CVE-2026-44167

phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files eg. X509 certificates, RSA PKCS8 private or public keys, etc. This is a bypass of CVE-2024-27355. This vulnerability is fixed in 1.0.29, 2.0.54, and 3.0.52...

phpseclib 资源管理错误漏洞

phpseclib is an open-source PHP security communication library developed by phpseclib. Versions prior to 1.0.29, 2.0.54, and 3.0.52 contained a resource management vulnerability. This vulnerability stemmed from an issue where bypassing CVE-2024-27355 was possible when loading untrusted ASN1 files...

GHSA-2F25-PFQ3-C7H8 Phpseclib needs guardrails on large binaryfield integers

Impact Anyone loading untrusted ASN1 files eg. X509 certificates, RSA PKCS8 private or public keys, etc Patches https://github.com/phpseclib/phpseclib/commit/964d78101a70305df33f442f5490f0adb3b7e77f Workarounds No. References...

Phpseclib needs guardrails on large binaryfield integers

Impact Anyone loading untrusted ASN1 files eg. X509 certificates, RSA PKCS8 private or public keys, etc Patches https://github.com/phpseclib/phpseclib/commit/964d78101a70305df33f442f5490f0adb3b7e77f Workarounds No. References...

EUVD-2023-2993

Phpseclib needs guardrails on large binaryfield integers...

GHSA-F2QX-66WF-WVVX phpseclib guardrails needed on OID length

Impact Any application using that loads untrusted ASN1 files eg. X509 certificates, RSA PKCS8 private or public keys, etc. Patches https://github.com/phpseclib/phpseclib/commit/e32531001b4d62c66c3d824ccef54ffad835eb59 Workarounds No. Resources...

EUVD-2024-0951

phpseclib guardrails needed on OID length...

EUVD-2024-0936

phpseclib: guardrails needed on isPrime and randomPrime...

GHSA-2528-JW5Q-WW88 phpseclib: guardrails needed on isPrime and randomPrime

Impact Anyone trying to generate a prime and testing the primality of a number. Patches https://github.com/phpseclib/phpseclib/commit/ad5dbdf2129f5e0fb644637770b7f33de8ca8575 Workarounds Using the GMP extension would probably help, assuming that one has its own guardrails. Resources...

phpseclib: guardrails needed on isPrime and randomPrime

Impact Anyone trying to generate a prime and testing the primality of a number. Patches https://github.com/phpseclib/phpseclib/commit/ad5dbdf2129f5e0fb644637770b7f33de8ca8575 Workarounds Using the GMP extension would probably help, assuming that one has its own guardrails. Resources...