VDB
GCVE-110-MAGEIA-2016-196
GCVE-110-MAGEIA-2016-196
Advisory Published
Updated php-ZendFramework2 packages fix security vulnerability:
Zend\Crypt\PublicKey\Rsa\PublicKey has a call to openssl_public_encrypt() which
uses PHP's default $padding argument, which specifies OPENSSL_PKCS1_PADDING,
indicating usage of PKCS1v1.5 padding. This padding has a known vulnerability,
the Bleichenbacher's chosen-ciphertext attack, which can be used to decrypt
arbitrary ciphertexts (CVE-2015-7503).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | php-ZendFramework2 | 0 (affected), 2.4.9-1.mga5 (unaffected) | — |
Aliases
Browse GCVE Records
72,664 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.