PT-2023-31165 · Phpseclib · Phpseclib

Terrafrost

·

Publicado

2023-11-27

·

Atualizado

2026-05-09

·

CVE-2023-49316

CVSS v3.1

7.5

Alta

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions phpseclib versions 3.0.0 through 3.0.33
Description The issue arises from excessively large degrees in binary fields, which can lead to a denial of service. This occurs in the Math/BinaryField.php file of the phpseclib library.
Recommendations For phpseclib versions 3.0.0 through 3.0.33, update to version 3.0.34 or later to resolve the issue.

Exploit

Correção

DoS

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-834CWE-400

Identificadores relacionados

CVE-2023-49316
GHSA-2F25-PFQ3-C7H8
GHSA-JPR7-Q523-HX25

Produtos afetados

Phpseclib