|Description||phpseclib before 2.0.31 and 3.x before 3.0.7 mishandles RSA PKCS#1 v1.5 signature verification.|
|Source||CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)|
Vulnerable and fixed packages
The table below lists information on source packages.
|php-phpseclib3 (PTS)||bookworm, sid||3.0.19-1||fixed|
The information below is based on the following data on fixed versions.
Introduced by: https://github.com/phpseclib/phpseclib/commit/cc32cd2e95b18a0c0118bbf1928327675c9e64a9 (v3.0 / RSA::SIGNATURE_RELAXED_PKCS1)
Fixed by: https://github.com/phpseclib/phpseclib/commit/05550b9c490bf342bce66de75d127d2f75c48bdd (1.0.20, 2.0.31, 3.0.7)
Fixed by: https://github.com/phpseclib/phpseclib/commit/42fc46e9a92c2ce5b10d2fbfb00b630417d6dfbe (3.0.7)
According to upstream in #1635, "v2.0 does not have a vulnerability" (only non-security bugs).
However, a lot of identical fixes were applied to all 1.x/2.x/3.x branches upstream.
They were also backported in bullseye/testing in 1.x/2.x (claimed as a CVE-2021-30130 fix).
Given the broad scope of this CVE description, let's assume that those fixes are needed in 1.x/2.x.