Firehed

**Name of the Vulnerable Software and Affected Versions** OpenEMR versions 5.0.2 through 8.0.0 **Description** OpenEMR is an electronic health records and medical practice management application. Versions between 5.0.2 and before 8.0.0 have paths where the `gateway api key` secret value is rendered to the client in plaintext. Exposure of these secret keys could lead to unauthorized money movement or account takeover of payment gateway APIs. The `gateway api key` is a sensitive variable used for accessing payment gateway APIs. **Recommendations** Update to OpenEMR version 8.0.0.

**Name of the Vulnerable Software and Affected Versions** PHP versions 8.1.* through 8.1.27 PHP versions 8.2.* through 8.2.17 PHP versions 8.3.* through 8.3.4 **Description** The issue is related to the password verification process in PHP. If a password stored with `password hash()` starts with a null byte (`x00`), testing a blank string as the password via `password verify()` will incorrectly return true. This flaw can allow a remote attacker to bypass the authentication process and gain unauthorized access to a web application. **Recommendations** For PHP versions 8.1.* through 8.1.27, update to version 8.1.28 or later. For PHP versions 8.2.* through 8.2.17, update to version 8.2.18 or later. For PHP versions 8.3.* through 8.3.4, update to version 8.3.5 or later. As a temporary workaround, consider restricting the use of `password verify()` function until a patch is available. Avoid using passwords that start with a null byte (`x00`) in the affected PHP versions.