PT-2023-21205 · Phpseclib · Phpseclib
Published
2023-03-03
·
Updated
2025-09-15
·
CVE-2023-27560
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
phpseclib versions 3.0.0 through 3.0.18
Description
The issue is related to an infinite loop with composite primefields in the Math/PrimeField.php file. This was introduced in version 3.0.0 and has been patched in version 3.0.19.
Recommendations
For phpseclib versions 3.0.0 through 3.0.18, update to version 3.0.19 to resolve the issue. As a temporary workaround, consider avoiding the use of composite primefields in the Math/PrimeField.php file until the update is applied.
Exploit
Fix
Infinite Loop
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Phpseclib