VDB

GCVE-110-MAGEIA-2016-196

GCVE-110-MAGEIA-2016-196
Advisory Published
Vulnetix · Advisory published May 21, 2016
Updated php-ZendFramework2 packages fix security vulnerability: Zend\Crypt\PublicKey\Rsa\PublicKey has a call to openssl_public_encrypt() which uses PHP's default $padding argument, which specifies OPENSSL_PKCS1_PADDING, indicating usage of PKCS1v1.5 padding. This padding has a known vulnerability, the Bleichenbacher's chosen-ciphertext attack, which can be used to decrypt arbitrary ciphertexts (CVE-2015-7503).

Affected Products

VendorProductVersionsPlatforms
Mageiaphp-ZendFramework20 (affected), 2.4.9-1.mga5 (unaffected)

Browse GCVE Records

72,664 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›