6 matches found
EUVD-2023-1509
Malicious code in bioql PyPI...
EUVD-2022-6955
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-36032
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ReactPHP HTTP is a streaming HTTP client and server implementation for ReactPHP. In ReactPHP's HTTP server component versions starting with 0.7.0 and prior to...
UBUNTU-CVE-2022-36032
ReactPHP HTTP is a streaming HTTP client and server implementation for ReactPHP. In ReactPHP's HTTP server component versions starting with 0.7.0 and prior to 1.7.0, when ReactPHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes...
CVE-2022-36032 ReactPHP's HTTP server parses encoded cookie names so malicious `__Host-` and `__Secure-` cookies can be sent
ReactPHP HTTP is a streaming HTTP client and server implementation for ReactPHP. In ReactPHP's HTTP server component versions starting with 0.7.0 and prior to 1.7.0, when ReactPHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes...
PT-2022-23130 · Unknown · Reactphp Http
Name of the Vulnerable Software and Affected Versions: ReactPHP HTTP versions 0.7.0 through 1.7.0 Description: The issue arises when ReactPHP's HTTP server component processes incoming HTTP cookie values, url-decoding the cookie names. This can lead to confusion between cookies with prefixes like...