Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Debian LTS php-phpseclib Critical Denial of Service SSRF Fix DLA-4670-1

debian lts
Calendar Grey July 4, 2026
Dist Debian Esm H88
Addressing critical security issues in php-phpseclib impacting Debian LTS users; prevent denial of service and SSRF risks now.
Several vulnerabilities were discovered in phpseclib, a PHP secure communications library, which could result in hostname validation bypass, timing side-channel attacks, denial of ...

Summary

CVE-2023-52892

X509.php did not properly escape regular expression special
characters in a certificate's subjectAltName, allowing a crafted
certificate to bypass hostname validation in validateURL().

CVE-2026-32935

The block cipher unpadding routine in Crypt/Base.php used a
short-circuiting comparison, creating a timing side channel that
could aid padding-oracle-style attacks.

CVE-2026-40194

The SSH2 implementation compared incoming packet HMACs using a
variable-time string comparison, creating a timing side channel
on cryptographic material.

CVE-2026-44167

The ASN.1 decoder's 4096-byte Object Identifier limit (mitigating
CVE-2024-27355) was still large enough to allow an "OID
amplification" denial of service via crafted ASN.1 structures.

CVE-2026-55599

File_X509 could automatically fetch a URL from a certificate's
Authority Information Access extension without validating the
destination, allowing SSRF via a crafted certificate.

Read the Full Advisory


Severity
critical
Lowest
Low
Medium
High
Critical

Package: php-phpseclib
Version: 2.0.30-2+deb11u3
CVE ID: CVE-2023-52892 CVE-2026-32935 CVE-2026-40194
Debian Bug: 1131483

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here