PT-2026-37312 · Phpseclib · Phpseclib
Published
2026-05-05
·
Updated
2026-06-05
·
CVE-2026-44167
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
phpseclib versions prior to 1.0.29
phpseclib versions prior to 2.0.54
phpseclib versions prior to 3.0.52
Description
phpseclib is a PHP secure communications library. An issue exists where loading untrusted ASN1 files, such as X509 certificates or RSA PKCS8 private and public keys, can lead to a security bypass.
Recommendations
Update to version 1.0.29.
Update to version 2.0.54.
Update to version 3.0.52.
Fix
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Phpseclib