Packagist (Composer) package
react/http
pkg:composer/react/http
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-26044 | — | >= 0.8.0, < 1.9.0 | 1.9.0 | May 17, 2023 | react/http is an event-driven, streaming HTTP client and server implementation for ReactPHP. Previous versions of ReactPHP's HTTP server component contain a potential DoS vulnerability that can cause high CPU load when processing large HTTP request bodies. This vulnerability has | ||
| CVE-2022-36032 | — | >= 0.7.0, < 1.7.0 | 1.7.0 | Sep 6, 2022 | ReactPHP HTTP is a streaming HTTP client and server implementation for ReactPHP. In ReactPHP's HTTP server component versions starting with 0.7.0 and prior to 1.7.0, when ReactPHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookie |
- CVE-2023-26044May 17, 2023affected >= 0.8.0, < 1.9.0fixed 1.9.0
react/http is an event-driven, streaming HTTP client and server implementation for ReactPHP. Previous versions of ReactPHP's HTTP server component contain a potential DoS vulnerability that can cause high CPU load when processing large HTTP request bodies. This vulnerability has
- CVE-2022-36032Sep 6, 2022affected >= 0.7.0, < 1.7.0fixed 1.7.0
ReactPHP HTTP is a streaming HTTP client and server implementation for ReactPHP. In ReactPHP's HTTP server component versions starting with 0.7.0 and prior to 1.7.0, when ReactPHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookie