A vulnerability was found in PHP up to 8.1.28/8.2.19/8.3.7 on Windows. It has been declared as problematic. This vulnerability affects the function
openssl_private_decrypt
of the component PKCS1 Padding Handler. The manipulation leads to information exposure through discrepancy.
This vulnerability was named CVE-2024-2408. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.