Timwolla

**Name of the Vulnerable Software and Affected Versions** PHP versions 8.0.* through 8.0.28 PHP versions 8.1.* through 8.1.19 PHP versions 8.2.* through 8.2.6 **Description** The issue is related to the use of a random value generator with a narrower range of values than it should have when using SOAP HTTP Digest Authentication. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce. **Recommendations** For PHP versions 8.0.* through 8.0.28, update to version 8.0.29 or later. For PHP versions 8.1.* through 8.1.19, update to version 8.1.20 or later. For PHP versions 8.2.* through 8.2.6, update to version 8.2.7 or later. As a temporary workaround, consider disabling the SOAP HTTP Digest Authentication until a patch is available.

**Name of the Vulnerable Software and Affected Versions** PHP versions 8.0.0 through 8.0.27 PHP versions 8.1.0 through 8.1.15 PHP versions 8.2.0 through 8.2.2 **Description** The issue is related to the password verification function in PHP, which may accept some invalid Blowfish hashes as valid. If such an invalid hash ends up in the password database, it may lead to an application allowing any password for this entry as valid. This is due to insufficient computation of the password hash. The `password verify()` function is specifically affected. **Recommendations** For PHP versions 8.0.0 through 8.0.27, update to version 8.0.28 or later. For PHP versions 8.1.0 through 8.1.15, update to version 8.1.16 or later. For PHP versions 8.2.0 through 8.2.2, update to version 8.2.3 or later. As a temporary workaround, consider restricting access to the `password verify()` function until a patch is available. Avoid using invalid Blowfish hashes in the password database to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** guzzlehttp/psr7 versions prior to 1.9.1 guzzlehttp/psr7 versions prior to 2.4.5 **Description** The issue concerns improper header parsing, allowing an attacker to sneak in a newline (` `) into both the header names and values. Many servers will also accept ` ` to terminate the header list, which is not in line with the specification that states `r r ` should be used. This could potentially lead to application errors or invalid HTTP requests being sent out, possibly causing a denial of service vector if a remote service's web application firewall bans the application due to the receipt of malformed requests. **Recommendations** For guzzlehttp/psr7 versions prior to 1.9.1, upgrade to version 1.9.1 or later. For guzzlehttp/psr7 versions prior to 2.4.5, upgrade to version 2.4.5 or later. As a temporary workaround, consider validating HTTP header keys and/or values, and if using user-supplied values, filter them to strip off leading or trailing newline characters before processing.