CVE-2024-27355

2024-03-0100:00:00

ubuntu.com

phpseclib

certificate

denial of service

AI Score

6.4

Confidence

Low

EPSS

Percentile

15.5%

JSON

An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47,
and 3.x before 3.0.36. When processing the ASN.1 object identifier of a
certificate, a sub identifier may be provided that leads to a denial of
service (CPU consumption for decodeOID).

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchphp-phpseclib< anyUNKNOWN
ubuntu20.04noarchphp-phpseclib< anyUNKNOWN
ubuntu22.04noarchphp-phpseclib< anyUNKNOWN
ubuntu16.04noarchphp-phpseclib< anyUNKNOWN
ubuntu22.04noarchphp-phpseclib3< anyUNKNOWN
ubuntu24.04noarchphp-phpseclib3< anyUNKNOWN
ubuntu18.04noarchphpseclib< anyUNKNOWN
ubuntu20.04noarchphpseclib< anyUNKNOWN
ubuntu22.04noarchphpseclib< anyUNKNOWN
ubuntu16.04noarchphpseclib< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	php-phpseclib	< any	UNKNOWN
ubuntu	20.04	noarch	php-phpseclib	< any	UNKNOWN
ubuntu	22.04	noarch	php-phpseclib	< any	UNKNOWN
ubuntu	16.04	noarch	php-phpseclib	< any	UNKNOWN
ubuntu	22.04	noarch	php-phpseclib3	< any	UNKNOWN
ubuntu	24.04	noarch	php-phpseclib3	< any	UNKNOWN
ubuntu	18.04	noarch	phpseclib	< any	UNKNOWN
ubuntu	20.04	noarch	phpseclib	< any	UNKNOWN
ubuntu	22.04	noarch	phpseclib	< any	UNKNOWN
ubuntu	16.04	noarch	phpseclib	< any	UNKNOWN