Linux Distros Unpatched Vulnerability : CVE-2022-36032

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ReactPHP HTTP is a streaming HTTP client and server implementation for ReactPHP. In ReactPHP's HTTP server component versions starting with 0.7.0 and prior to...

CVE-2022-36032

creationtimestamp| type| source ---|---|--- 2022-09-06 22:13:36+00:00| seen| https://t.me/cibsecurity/49346...

CVE-2022-36032

CVE-2022-36032 affects ReactPHP HTTP server component versions 0.7.0 up to, but not including, 1.7.0. When processing incoming HTTP cookie values, cookie names are url-decoded, which can cause cookies with prefixes like __Host- and __Secure- to be confounded with decodings of other cookies. This ...

CVE-2022-36032 ReactPHP's HTTP server parses encoded cookie names so malicious `__Host-` and `__Secure-` cookies can be sent

ReactPHP HTTP is a streaming HTTP client and server implementation for ReactPHP. In ReactPHP's HTTP server component versions starting with 0.7.0 and prior to 1.7.0, when ReactPHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes...

CVE-2022-36032 ReactPHP's HTTP server parses encoded cookie names so malicious `__Host-` and `__Secure-` cookies can be sent

ReactPHP HTTP is a streaming HTTP client and server implementation for ReactPHP. In ReactPHP's HTTP server component versions starting with 0.7.0 and prior to 1.7.0, when ReactPHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes...