9Haz
CVE-2024-2408 | PHP up to 8.1.28/8.2.19/8.3.7 on Windows PKCS1 Padding openssl_private_decrypt Marvin Attack information exposure (GHSA-hh26-4ppw-5864)
A vulnerability was found in PHP up to 8.1.28/8.2.19/8.3.7 on Windows. It has been declared as problematic. This vulnerability affects the functionopenssl_private_decrypt
of the component PKCS1 Padding Handler. The manipulation leads to information exposure through discrepancy.
This vulnerability was named CVE-2024-2408. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.