CVE-2024-2408 | PHP up to 8.1.28/8.2.19/8.3.7 on Windows PKCS1 Padding openssl_private_decrypt Marvin Attack information exposure (GHSA-hh26-4ppw-5864)

CVE-2024-2408 | PHP up to 8.1.28/8.2.19/8.3.7 on Windows PKCS1 Padding openssl_private_decrypt Marvin Attack information exposure (GHSA-hh26-4ppw-5864)

A vulnerability was found in PHP up to 8.1.28/8.2.19/8.3.7 on Windows. It has been declared as problematic. This vulnerability affects the function openssl_private_decrypt of the component PKCS1 Padding Handler. The manipulation leads to information exposure through discrepancy. This vulnerability was named CVE-2024-2408. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.