An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3.x before 3.0.36. When processing the ASN.1 object identifier of a certificate, a sub identifier may be provided that leads to a denial of service (CPU consumption for decodeOID).
Metrics
Affected Vendors & Products
References
History
Tue, 13 Aug 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-400 | |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-03-01T00:00:00
Updated: 2024-08-13T13:38:16.577Z
Reserved: 2024-02-25T00:00:00
Link: CVE-2024-27355
Vulnrichment
Updated: 2024-08-02T00:34:51.670Z
NVD
Status : Awaiting Analysis
Published: 2024-03-01T23:15:08.553
Modified: 2024-08-13T14:35:13.783
Link: CVE-2024-27355
Redhat
No data.