Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2022-36032

Published: 6 September 2022

ReactPHP HTTP is a streaming HTTP client and server implementation for ReactPHP. In ReactPHP's HTTP server component versions starting with 0.7.0 and prior to 1.7.0, when ReactPHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like `__Host-` and `__Secure-` confused with cookies that decode to such prefix, thus leading to an attacker being able to forge cookie which is supposed to be secure. This issue is fixed in ReactPHP HTTP version 1.7.0. As a workaround, Infrastructure or DevOps can place a reverse proxy in front of the ReactPHP HTTP server to filter out any unexpected `Cookie` request headers.

Notes

AuthorNote
alexmurray
icinga-php-thirdparty and icingaweb2-module-reactbundle both vendor a copy of reactphp/http

Priority

Medium

Cvss 3 Severity Score

5.3

Score breakdown

Status

Package Release Status
icinga-php-thirdparty
Launchpad, Ubuntu, Debian
bionic Does not exist

focal Does not exist

jammy Needs triage

kinetic Ignored
(end of life, was needs-triage)
lunar Ignored
(end of life, was needs-triage)
mantic Needs triage

trusty Ignored
(end of standard support)
upstream Needs triage

xenial Ignored
(end of standard support)
icingaweb2-module-reactbundle
Launchpad, Ubuntu, Debian
bionic Does not exist

focal Does not exist

jammy Needs triage

kinetic Ignored
(end of life, was needs-triage)
lunar Ignored
(end of life, was needs-triage)
mantic Needs triage

trusty Ignored
(end of standard support)
upstream Needs triage

xenial Ignored
(end of standard support)

Severity score breakdown

Parameter Value
Base score 5.3
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Scope Unchanged
Confidentiality None
Integrity impact Low
Availability impact None
Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N