Swoole Security Vulnerabilities

CVE-2020-24275

A HTTP response header injection vulnerability in Swoole v4.5.2 allows attackers to execute arbitrary code via supplying a crafted...

CVE-2019-15518

Swoole before 4.2.13 allows directory traversal in...

CVE-2018-15503

The unpack implementation in Swoole version 4.0.4 lacks correct size checks in the deserialization process. An attacker can craft a serialized object to exploit this vulnerability and cause a...