{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/16656?format=json","vulnerability_id":"VCID-wnyn-2dp2-uuer","summary":"phpseclib Infinite Loop vulnerability\nMath/PrimeField.php in phpseclib has an infinite loop with composite primefields. This vulnerability was introduced in version 3.0.0, and has been patched in 3.0.19. The CVE for this issue originally identified the the vulnerable version as 2.x, however, the vulnerable functionality was not introduced until version 3.","aliases":[{"alias":"CVE-2023-27560"},{"alias":"GHSA-hm7p-r324-hhf3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/56187?format=json","purl":"pkg:composer/phpseclib/phpseclib@3.0.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6xjw-f9xu-fkg8"},{"vulnerability":"VCID-8h2u-szq5-13ar"},{"vulnerability":"VCID-ars3-xpyv-jbf1"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"},{"vulnerability":"VCID-ku5e-5j7s-qyc9"},{"vulnerability":"VCID-zxph-sjym-kqhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.19"},{"url":"http://public2.vulnerablecode.io/api/packages/935047?format=json","purl":"pkg:deb/debian/php-phpseclib3@3.0.19-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-phpseclib3@3.0.19-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935043?format=json","purl":"pkg:deb/debian/php-phpseclib3@3.0.19-1%2Bdeb12u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-54yg-a5he-zbh5"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-phpseclib3@3.0.19-1%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935046?format=json","purl":"pkg:deb/debian/php-phpseclib3@3.0.43-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-54yg-a5he-zbh5"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-phpseclib3@3.0.43-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935045?format=json","purl":"pkg:deb/debian/php-phpseclib3@3.0.50-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hnn9-wcwe-ffa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-phpseclib3@3.0.50-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062523?format=json","purl":"pkg:deb/debian/php-phpseclib3@3.0.51-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-phpseclib3@3.0.51-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088720?format=json","purl":"pkg:deb/debian/php-phpseclib3@3.0.52-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-phpseclib3@3.0.52-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1103036?format=json","purl":"pkg:deb/debian/php-phpseclib3@3.0.52-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-phpseclib3@3.0.52-2%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/56186?format=json","purl":"pkg:composer/phpseclib/phpseclib@3.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-54yg-a5he-zbh5"},{"vulnerability":"VCID-6xjw-f9xu-fkg8"},{"vulnerability":"VCID-8h2u-szq5-13ar"},{"vulnerability":"VCID-ars3-xpyv-jbf1"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"},{"vulnerability":"VCID-ku5e-5j7s-qyc9"},{"vulnerability":"VCID-ndjx-6ned-93bd"},{"vulnerability":"VCID-wnyn-2dp2-uuer"},{"vulnerability":"VCID-zxph-sjym-kqhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/238328?format=json","purl":"pkg:composer/phpseclib/phpseclib@3.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6xjw-f9xu-fkg8"},{"vulnerability":"VCID-8h2u-szq5-13ar"},{"vulnerability":"VCID-ars3-xpyv-jbf1"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"},{"vulnerability":"VCID-ku5e-5j7s-qyc9"},{"vulnerability":"VCID-ndjx-6ned-93bd"},{"vulnerability":"VCID-wnyn-2dp2-uuer"},{"vulnerability":"VCID-zxph-sjym-kqhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/238329?format=json","purl":"pkg:composer/phpseclib/phpseclib@3.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6xjw-f9xu-fkg8"},{"vulnerability":"VCID-8h2u-szq5-13ar"},{"vulnerability":"VCID-ars3-xpyv-jbf1"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"},{"vulnerability":"VCID-ku5e-5j7s-qyc9"},{"vulnerability":"VCID-ndjx-6ned-93bd"},{"vulnerability":"VCID-wnyn-2dp2-uuer"},{"vulnerability":"VCID-zxph-sjym-kqhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/238330?format=json","purl":"pkg:composer/phpseclib/phpseclib@3.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6xjw-f9xu-fkg8"},{"vulnerability":"VCID-8h2u-szq5-13ar"},{"vulnerability":"VCID-ars3-xpyv-jbf1"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"},{"vulnerability":"VCID-ku5e-5j7s-qyc9"},{"vulnerability":"VCID-ndjx-6ned-93bd"},{"vulnerability":"VCID-wnyn-2dp2-uuer"},{"vulnerability":"VCID-zxph-sjym-kqhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/238331?format=json","purl":"pkg:composer/phpseclib/phpseclib@3.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6xjw-f9xu-fkg8"},{"vulnerability":"VCID-8h2u-szq5-13ar"},{"vulnerability":"VCID-ars3-xpyv-jbf1"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"},{"vulnerability":"VCID-ku5e-5j7s-qyc9"},{"vulnerability":"VCID-ndjx-6ned-93bd"},{"vulnerability":"VCID-wnyn-2dp2-uuer"},{"vulnerability":"VCID-zxph-sjym-kqhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/238332?format=json","purl":"pkg:composer/phpseclib/phpseclib@3.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6xjw-f9xu-fkg8"},{"vulnerability":"VCID-8h2u-szq5-13ar"},{"vulnerability":"VCID-ars3-xpyv-jbf1"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"},{"vulnerability":"VCID-ku5e-5j7s-qyc9"},{"vulnerability":"VCID-ndjx-6ned-93bd"},{"vulnerability":"VCID-wnyn-2dp2-uuer"},{"vulnerability":"VCID-zxph-sjym-kqhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/238333?format=json","purl":"pkg:composer/phpseclib/phpseclib@3.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6xjw-f9xu-fkg8"},{"vulnerability":"VCID-8h2u-szq5-13ar"},{"vulnerability":"VCID-ars3-xpyv-jbf1"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"},{"vulnerability":"VCID-ku5e-5j7s-qyc9"},{"vulnerability":"VCID-ndjx-6ned-93bd"},{"vulnerability":"VCID-wnyn-2dp2-uuer"},{"vulnerability":"VCID-zxph-sjym-kqhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/73847?format=json","purl":"pkg:composer/phpseclib/phpseclib@3.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6xjw-f9xu-fkg8"},{"vulnerability":"VCID-8h2u-szq5-13ar"},{"vulnerability":"VCID-ars3-xpyv-jbf1"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"},{"vulnerability":"VCID-ku5e-5j7s-qyc9"},{"vulnerability":"VCID-wnyn-2dp2-uuer"},{"vulnerability":"VCID-zxph-sjym-kqhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.7"},{"url":"http://public2.vulnerablecode.io/api/packages/362232?format=json","purl":"pkg:composer/phpseclib/phpseclib@3.0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6xjw-f9xu-fkg8"},{"vulnerability":"VCID-8h2u-szq5-13ar"},{"vulnerability":"VCID-ars3-xpyv-jbf1"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"},{"vulnerability":"VCID-ku5e-5j7s-qyc9"},{"vulnerability":"VCID-wnyn-2dp2-uuer"},{"vulnerability":"VCID-zxph-sjym-kqhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/362233?format=json","purl":"pkg:composer/phpseclib/phpseclib@3.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6xjw-f9xu-fkg8"},{"vulnerability":"VCID-8h2u-szq5-13ar"},{"vulnerability":"VCID-ars3-xpyv-jbf1"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"},{"vulnerability":"VCID-ku5e-5j7s-qyc9"},{"vulnerability":"VCID-wnyn-2dp2-uuer"},{"vulnerability":"VCID-zxph-sjym-kqhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/362234?format=json","purl":"pkg:composer/phpseclib/phpseclib@3.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6xjw-f9xu-fkg8"},{"vulnerability":"VCID-8h2u-szq5-13ar"},{"vulnerability":"VCID-ars3-xpyv-jbf1"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"},{"vulnerability":"VCID-ku5e-5j7s-qyc9"},{"vulnerability":"VCID-wnyn-2dp2-uuer"},{"vulnerability":"VCID-zxph-sjym-kqhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/362235?format=json","purl":"pkg:composer/phpseclib/phpseclib@3.0.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6xjw-f9xu-fkg8"},{"vulnerability":"VCID-8h2u-szq5-13ar"},{"vulnerability":"VCID-ars3-xpyv-jbf1"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"},{"vulnerability":"VCID-ku5e-5j7s-qyc9"},{"vulnerability":"VCID-wnyn-2dp2-uuer"},{"vulnerability":"VCID-zxph-sjym-kqhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.11"},{"url":"http://public2.vulnerablecode.io/api/packages/362236?format=json","purl":"pkg:composer/phpseclib/phpseclib@3.0.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6xjw-f9xu-fkg8"},{"vulnerability":"VCID-8h2u-szq5-13ar"},{"vulnerability":"VCID-ars3-xpyv-jbf1"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"},{"vulnerability":"VCID-ku5e-5j7s-qyc9"},{"vulnerability":"VCID-wnyn-2dp2-uuer"},{"vulnerability":"VCID-zxph-sjym-kqhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.12"},{"url":"http://public2.vulnerablecode.io/api/packages/362237?format=json","purl":"pkg:composer/phpseclib/phpseclib@3.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6xjw-f9xu-fkg8"},{"vulnerability":"VCID-8h2u-szq5-13ar"},{"vulnerability":"VCID-ars3-xpyv-jbf1"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"},{"vulnerability":"VCID-ku5e-5j7s-qyc9"},{"vulnerability":"VCID-wnyn-2dp2-uuer"},{"vulnerability":"VCID-zxph-sjym-kqhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/362238?format=json","purl":"pkg:composer/phpseclib/phpseclib@3.0.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6xjw-f9xu-fkg8"},{"vulnerability":"VCID-8h2u-szq5-13ar"},{"vulnerability":"VCID-ars3-xpyv-jbf1"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"},{"vulnerability":"VCID-ku5e-5j7s-qyc9"},{"vulnerability":"VCID-wnyn-2dp2-uuer"},{"vulnerability":"VCID-zxph-sjym-kqhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/362239?format=json","purl":"pkg:composer/phpseclib/phpseclib@3.0.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6xjw-f9xu-fkg8"},{"vulnerability":"VCID-8h2u-szq5-13ar"},{"vulnerability":"VCID-ars3-xpyv-jbf1"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"},{"vulnerability":"VCID-ku5e-5j7s-qyc9"},{"vulnerability":"VCID-wnyn-2dp2-uuer"},{"vulnerability":"VCID-zxph-sjym-kqhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/362240?format=json","purl":"pkg:composer/phpseclib/phpseclib@3.0.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6xjw-f9xu-fkg8"},{"vulnerability":"VCID-8h2u-szq5-13ar"},{"vulnerability":"VCID-ars3-xpyv-jbf1"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"},{"vulnerability":"VCID-ku5e-5j7s-qyc9"},{"vulnerability":"VCID-wnyn-2dp2-uuer"},{"vulnerability":"VCID-zxph-sjym-kqhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.16"},{"url":"http://public2.vulnerablecode.io/api/packages/362241?format=json","purl":"pkg:composer/phpseclib/phpseclib@3.0.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6xjw-f9xu-fkg8"},{"vulnerability":"VCID-8h2u-szq5-13ar"},{"vulnerability":"VCID-ars3-xpyv-jbf1"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"},{"vulnerability":"VCID-ku5e-5j7s-qyc9"},{"vulnerability":"VCID-wnyn-2dp2-uuer"},{"vulnerability":"VCID-zxph-sjym-kqhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.17"},{"url":"http://public2.vulnerablecode.io/api/packages/362242?format=json","purl":"pkg:composer/phpseclib/phpseclib@3.0.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6xjw-f9xu-fkg8"},{"vulnerability":"VCID-8h2u-szq5-13ar"},{"vulnerability":"VCID-ars3-xpyv-jbf1"},{"vulnerability":"VCID-hnn9-wcwe-ffa5"},{"vulnerability":"VCID-ku5e-5j7s-qyc9"},{"vulnerability":"VCID-wnyn-2dp2-uuer"},{"vulnerability":"VCID-zxph-sjym-kqhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/phpseclib/phpseclib@3.0.18"}],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27560","reference_id":"","reference_type":"","scores":[{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50428","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.5046","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50437","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50423","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50465","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.5047","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50446","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50392","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50402","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50353","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50275","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50329","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.5036","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50313","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50339","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50414","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50391","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.5042","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50373","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50426","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50419","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27560"},{"reference_url":"https://github.com/phpseclib/phpseclib","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpseclib/phpseclib"},{"reference_url":"https://github.com/phpseclib/phpseclib/commit/6298d1cd55c3ffa44533bd41906caec246b60440","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-06T20:16:55Z/"}],"url":"https://github.com/phpseclib/phpseclib/commit/6298d1cd55c3ffa44533bd41906caec246b60440"},{"reference_url":"https://github.com/phpseclib/phpseclib/commit/6298d1cd55c3ffa44533bd41906caec246b60440#commitcomment-103226722","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/phpseclib/phpseclib/commit/6298d1cd55c3ffa44533bd41906caec246b60440#commitcomment-103226722"},{"reference_url":"https://github.com/phpseclib/phpseclib/releases/tag/3.0.19","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-06T20:16:55Z/"}],"url":"https://github.com/phpseclib/phpseclib/releases/tag/3.0.19"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032371","reference_id":"1032371","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032371"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27560","reference_id":"CVE-2023-27560","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27560"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpseclib/phpseclib/CVE-2023-27560.yaml","reference_id":"CVE-2023-27560.YAML","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/phpseclib/phpseclib/CVE-2023-27560.yaml"},{"reference_url":"https://github.com/advisories/GHSA-hm7p-r324-hhf3","reference_id":"GHSA-hm7p-r324-hhf3","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hm7p-r324-hhf3"}],"weaknesses":[{"cwe_id":835,"name":"Loop with Unreachable Exit Condition ('Infinite Loop')","description":"The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":"7.0 - 8.9","exploitability":"0.5","weighted_severity":"8.0","risk_score":4.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wnyn-2dp2-uuer"}