Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In phpseclib before 1.0.22, 2.x before 2.0.46, and 3.x before 3.0.33, some characters in Subject Alternative Name fields in TLS certificates are incorrectly allowed to have a special meaning in regular expressions (such as a + wildcard), leading to name confusion in X.509 certificate host verification.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
phpseclib 安全漏洞
Vulnerability Description
phpseclib是phpseclib开源的一个 PHP 安全通信库。 phpseclib 1.0.22 之前、2.0.46 之前、3.0.33 之前版本存在安全漏洞,该漏洞源于TLS 证书中 Subject Alternative Name 字段中的某些字符允许在正则表达式中具有特殊含义,从而导致 X.509 证书主机验证中的名称混淆。
CVSS Information
N/A
Vulnerability Type
N/A