USN-7404-1: phpseclib vulnerabilities

Read Time:45 Second

It was discovered that phpseclib did not correctly handle RSA PKCS#1
v1.5 signature verification. An attacker could possibly use this issue to
bypass authentication. This issue only affected Ubuntu 20.04 LTS.
(CVE-2021-30130)

It was discovered that phpseclib did not correctly handle certain
characters in certain TLS fields, which could lead to name confusion.
An attacker could possibly use this issue to bypass authentication.
(CVE-2023-52892)

It was discovered that phpseclib incorrectly limited the size of prime
numbers generated by isPrime. An attacker could possibly use this issue
to cause a denial of service. (CVE-2024-27354)

It was discovered that phpseclib did not correctly handle processing the
ASN.1 object identifier of a certificate. An attacker could possibly use
this issue to cause a denial of service. This issue only affected
Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2024-27355)

NVD Revamps Operations as Vulnerability Reporting Surges

Friday Squid Blogging: Squid and Efficient Solar Tech

Google Cloud: Top 5 Priorities for Cybersecurity Leaders Today

AI Vulnerability Finding

Ransomware reaches a record high, but payouts are dwindling

Cyble Urges Critical Vulnerability Fixes Affecting Industrial Systems

Reimagining Democracy

China-based SMS Phishing Triad Pivots to Banks

Google Cloud: China Achieves “Cyber Superpower” Status

USN-7404-1: phpseclib vulnerabilities

rpki-client-9.5-1.el10_0

rpki-client-9.5-1.fc41

rpki-client-9.5-1.fc40

rpki-client-9.5-1.el9

rpki-client-9.5-1.el10_1

rpki-client-9.5-1.fc42