CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
Confidence
Low
EPSS
Percentile
74.8%
Description Impact In ReactPHP’s HTTP server component versions below v1.7.0, when ReactPHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host- and __Secure- confused with cookies that decode to such prefix, thus leading to an attacker being able to forge cookie which is supposed to be secure. See also CVE-2020-7070 and CVE-2020-8184 for more information. Patches reactphp/http@663c9a3 - Fixed in reactphp/http v1.7.0 Workarounds Infrastructure or DevOps can place a reverse proxy in front of the ReactPHP HTTP server to filter out any unexpected Cookie request headers. References CVE-2020-7070, https://bugs.php.net/bug.php?id=79699 and php/php-src@6559fe9 CVE-2020-8184, https://hackerone.com/reports/895727 and rack/rack@1f5763d Originally introduced via reactphp/http#175 Credits Thanks to Marco Squarcina (TU Wien) for reporting this and working with us to coordinate this security advisory For more information If you have any questions or comments about this advisory: Join the discussion Email us at [email protected] References GHSA-w3w9-vrf5-8mx8 https://nvd.nist.gov/vuln/detail/CVE-2022-36032 reactphp/http#175 reactphp/http@663c9a3 https://github.com/reactphp/http/releases/tag/v1.7.0 https://github.com/FriendsOfPHP/security-advisories/blob/master/react/http/CVE-2022-36032.yaml
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
Confidence
Low
EPSS
Percentile
74.8%