The host is installed with PHP 8.1.x before 8.1.29, 8.2.x before 8.2.20, or 8.3.x before 8.3.8 and is prone to a Marvin attack vulnerability. A flaw is present in the application, which fails to handle issues in the openssl_private_decrypt function, when using PKCS1 padding. Successful exploitation allows an attacker to carry out the Marvin Attack unless it is used with an OpenSSL version 3.2.