CVE-2023-52892

In phpseclib before 1.0.22, 2.x before 2.0.46, and 3.x before 3.0.33, some characters in Subject Alternative Name fields in TLS certificates are incorrectly allowed to have a special meaning in regular expressions (such as a + wildcard), leading to name confusion in X.509 certificate host verification.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
CISA-ADPADP
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
Debian logo
Debian Releases
Debian Product
Codename
php-phpseclib
bullseye
no-dsa
bookworm
no-dsa
bullseye (security)
vulnerable
bookworm (security)
vulnerable
trixie
2.0.48-1
fixed
sid
2.0.48-1
fixed
php-phpseclib3
bookworm
no-dsa
bullseye
no-dsa
bookworm (security)
vulnerable
trixie
3.0.43-1
fixed
sid
3.0.43-1
fixed
phpseclib
bullseye
no-dsa
bookworm
no-dsa
bullseye (security)
vulnerable
bookworm (security)
vulnerable
trixie
1.0.23-3
fixed
sid
1.0.23-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
php-phpseclib
oracular
not-affected
noble
not-affected
mantic
ignored
jammy
needs-triage
focal
needs-triage
bionic
needs-triage
xenial
needs-triage
php-phpseclib3
oracular
not-affected
noble
not-affected
mantic
ignored
jammy
needs-triage
focal
dne
phpseclib
oracular
not-affected
noble
not-affected
mantic
ignored
jammy
needs-triage
focal
needs-triage
bionic
needs-triage
xenial
needs-triage
Common Weakness Enumeration
References
https://github.com/phpseclib/phpseclib/commit/6cd6e8ceab9f2b55c8cd81d2192bf98cbeaf4627
https://github.com/phpseclib/phpseclib/issues/1943
https://github.com/phpseclib/phpseclib/releases/tag/3.0.33
https://github.com/x509-name-testing/name_testing_artifacts
https://github.com/phpseclib/phpseclib/commit/6cd6e8ceab9f2b55c8cd81d2192bf98cbeaf4627
https://github.com/phpseclib/phpseclib/issues/1943
https://github.com/phpseclib/phpseclib/releases/tag/3.0.33
https://github.com/x509-name-testing/name_testing_artifacts