7 matches found
Debian dla-4518 : php-seclib - security update
The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4518 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-4518-1 [email protected]...
Fedora: Security Advisory (FEDORA-2025-91d6e174d9)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Distros Unpatched Vulnerability : CVE-2023-52892
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In phpseclib before 1.0.22, 2.x before 2.0.46, and 3.x before 3.0.33, some characters in Subject Alternative Name fields in TLS certificates are incorrectly...
Fedora 40 : php-phpseclib (2025-b38cbff99d)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-b38cbff99d advisory. Security fix for CVE-2023-52892, CVE-2024-27354 Tenable has extracted the preceding description block directly from the Fedora security advisory. No...
Fedora 41 : php-phpseclib (2025-91d6e174d9)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-91d6e174d9 advisory. Security fix for CVE-2023-52892, CVE-2024-27354 Tenable has extracted the preceding description block directly from the Fedora security advisory. No...
CVE-2023-52892
In phpseclib before 1.0.22, 2.x before 2.0.46, and 3.x before 3.0.33, some characters in Subject Alternative Name fields in TLS certificates are incorrectly allowed to have a special meaning in regular expressions such as a + wildcard, leading to name confusion in X.509 certificate host...
CVE-2023-52892
The CVE-2023-52892 issue in phpseclib affects TLS hostname verification: in phpseclib versions before 1.0.22, 2.x before 2.0.46, and 3.x before 3.0.33, certain characters in Subject Alternative Name fields can be interpreted with special regex meaning (e.g., a + wildcard), causing name confusion ...