|
Bugzilla – Activity log for bug 1226133: VUL-0: CVE-2024-2408: php: The openssl_private_decrypt function in PHP, when using PKCS1 padding (OPENSSL_PKCS1_PADDING, which is the default), is vulnerable to the Marvin Attack unless it is used with an OpenSSL version ... |
Back to bug 1226133
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| smash_bz | 2024-06-10 09:08:33 UTC | Group | SUSE Security Internal | |
| Whiteboard | CVSSv3.1:SUSE:CVE-2024-2408:5.9:(AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) | |||
| maint-coord+maintenance-robot | 2024-06-10 09:15:39 UTC | Priority | P5 - None | P3 - Medium |
| rfrohl | 2024-06-10 12:32:32 UTC | Resolution | --- | INVALID |
| Status | NEW | RESOLVED | ||
| pgajdos | 2024-06-10 12:44:29 UTC | Resolution | INVALID | FIXED |
Back to bug 1226133