Phpseclib
Monthly
phpseclib's SSH2 packet authentication uses PHP's non-constant-time != operator to compare HMACs, enabling timing-based information disclosure attacks on SSH sessions. The vulnerability affects phpseclib versions prior to 1.0.28, 2.0.53, and 3.0.51. An unauthenticated remote attacker can exploit variable-time comparison behavior to infer valid HMAC values through precise timing measurements, potentially compromising the confidentiality of SSH communications. No public exploit code or active exploitation has been confirmed, but this is a cryptographic timing vulnerability with proven scalability via benchmarking.
phpseclib's SSH2 packet authentication uses PHP's non-constant-time != operator to compare HMACs, enabling timing-based information disclosure attacks on SSH sessions. The vulnerability affects phpseclib versions prior to 1.0.28, 2.0.53, and 3.0.51. An unauthenticated remote attacker can exploit variable-time comparison behavior to infer valid HMAC values through precise timing measurements, potentially compromising the confidentiality of SSH communications. No public exploit code or active exploitation has been confirmed, but this is a cryptographic timing vulnerability with proven scalability via benchmarking.