247 matches found
[SECURITY] [DSA 6187-1] php-phpseclib3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6187-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 29, 2026 https://www.debian.org/security/faq -...
[SECURITY] [DSA 6186-1] php-phpseclib security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6186-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 29, 2026 https://www.debian.org/security/faq -...
[SECURITY] [DSA 6185-1] phpseclib security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6185-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 29, 2026 https://www.debian.org/security/faq -...
Debian dsa-6186 : php-phpseclib - security update
The remote Debian 12 / 13 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-6186 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6186-1 [email protected]...
Debian dsa-6185 : php-seclib - security update
The remote Debian 12 / 13 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-6185 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6185-1 [email protected]...
DSA-6186-1 php-phpseclib - security update
Bulletin has no description...
DSA-6185-1 phpseclib - security update
Bulletin has no description...
Debian dsa-6187 : php-phpseclib3 - security update
The remote Debian 12 / 13 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-6187 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6187-1 [email protected]...
[SECURITY] Fedora 42 Update: php-phpseclib-2.0.52-1.fc42
MIT-licensed pure-PHP implementations of an arbitrary-precision integer arithmetic library, fully PKCS1 v2.1 compliant RSA, DES, 3DES, RC4, Rijndael, AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509...
[SECURITY] Fedora 43 Update: php-phpseclib-2.0.52-1.fc43
MIT-licensed pure-PHP implementations of an arbitrary-precision integer arithmetic library, fully PKCS1 v2.1 compliant RSA, DES, 3DES, RC4, Rijndael, AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509...
Fedora 43 : php-phpseclib (2026-d1feefa819)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-d1feefa819 advisory. Update to v2.0.52 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
Fedora 42 : php-phpseclib (2026-bfeb46516b)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-bfeb46516b advisory. Update to v2.0.52 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
Linux Distros Unpatched Vulnerability : CVE-2026-32935
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpseclib is a PHP secure communications library. Projects using versions 0.1.1 through 1.0.26, 2.0.0 through 2.0.51, and 3.0.0 through 3.0.49 are vulnerable to...
CVE-2026-32935
A flaw was found in phpseclib, a PHP secure communications library. When using Advanced Encryption Standard AES in Cipher Block Chaining CBC mode, a remote attacker can exploit a padding oracle timing attack. This vulnerability may allow the attacker to decrypt sensitive information by observing...
Timing Attack
Overview phpseclib/phpseclib is a PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc. Affected versions of this package are vulnerable to Timing Attack via the AES algorithm in CBC mode. An attacker can recover sensitive information by exploiting timin...
CVE-2026-32935
phpseclib is a PHP secure communications library. Projects using versions 0.1.1 through 1.0.26, 2.0.0 through 2.0.51, and 3.0.0 through 3.0.49 are vulnerable to a to padding oracle timing attack when using AES in CBC mode. This issue has been fixed in versions 1.0.27, 2.0.52 and 3.0.50...
UBUNTU-CVE-2026-32935
phpseclib is a PHP secure communications library. Projects using versions 0.1.1 through 1.0.26, 2.0.0 through 2.0.51, and 3.0.0 through 3.0.49 are vulnerable to a to padding oracle timing attack when using AES in CBC mode. This issue has been fixed in versions 1.0.27, 2.0.52 and 3.0.50...
CVE-2026-32935 phpseclib's AES-CBC unpadding susceptible to padding oracle timing attack
phpseclib is a PHP secure communications library. Projects using versions 0.1.1 through 1.0.26, 2.0.0 through 2.0.51, and 3.0.0 through 3.0.49 are vulnerable to a to padding oracle timing attack when using AES in CBC mode. This issue has been fixed in versions 1.0.27, 2.0.52 and 3.0.50...
CVE-2026-32935 phpseclib's AES-CBC unpadding susceptible to padding oracle timing attack
phpseclib is a PHP secure communications library. Projects using versions 0.1.1 through 1.0.26, 2.0.0 through 2.0.51, and 3.0.0 through 3.0.49 are vulnerable to a to padding oracle timing attack when using AES in CBC mode. This issue has been fixed in versions 1.0.27, 2.0.52 and 3.0.50...
CVE-2026-32935
CVE-2026-32935 affects phpseclib with AES-CBC padding oracle timing vulnerability. Affected versions: 1.0.26 and below; 2.0.0–2.0.51; 3.0.0–3.0.49. Root cause: short-circuiting in the unpadding function enables timing leakage. Impact per sources: potential confidentiality impact (C) with high lik...