Hello, I'm using free version of multiotp with PHP version 8.4.13 but it has security issues according to Nessus (CVE-2025-14177) is there a way to upgrade it to min. 8.4.16 ?
Hello,
The free version of multiOTP is not using the getimagesize() function concerned by CVE-2025-14177.
Anyway, you can safely upgrade your PHP to version 8.4.16. If you are using a Debian Trixie distribution, the last PHP package available afer upgrade is 8.4.16.
Regards,
Comments