react/http Security Advisories for v0.7.1 (1)
-
[MEDIUM] ReactPHP's HTTP server parses encoded cookie names so malicious `__Host-` and `__Secure-` cookies can be sent
PKSA-kwfb-dvpm-qtpb CVE-2022-36032 GHSA-w3w9-vrf5-8mx8
Affected version: >=0.7.0,<1.7.0
Reported by:
GitHub, FriendsOfPHP/security-advisories