4 matches found
Mageia: Security Advisory (MGASA-2016-0196)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-7503
CVE-2015-7503 affects Zend Framework and Zend Crypt RSA public-key encryption. Zend Framework 2.x before 2.4.9 and 2.5.x before 2.5.2 used OPENSSL_PKCS1_PADDING (PKCS#1 v1.5) in Zend\Crypt\PublicKey\Rsa::encrypt(), enabling a Bleichenbacher-style attack to recover the RSA private key. Exploitatio...
Fedora Update for php-ZendFramework2 FEDORA-2016-03c0ed3127
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated php-ZendFramework2 packages fix CVE-2015-7503
Updated php-ZendFramework2 packages fix security vulnerability: Zend\Crypt\PublicKey\Rsa\PublicKey has a call to opensslpublicencrypt which uses PHP's default $padding argument, which specifies OPENSSLPKCS1PADDING, indicating usage of PKCS1v1.5 padding. This padding has a known vulnerability, the...