Merge pull request #689 from xabbuh/react-http

add CVE-2023-26044 for react/http
FriendsOfPHP · May 22, 2023 · df06cd2 · df06cd2
2 parents dca9b31 + d9aa4e7
commit df06cd2
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/react/http/CVE-2023-26044.yaml b/react/http/CVE-2023-26044.yaml
@@ -0,0 +1,8 @@
+title: "ReactPHP's HTTP server continues parsing unused multipart parts after reaching limits"
+link: https://github.com/advisories/GHSA-95x4-j7vc-h8mf
+cve: CVE-2023-26044
+branches:
+    1.x:
+        time: 2023-02-27 15:05:00
+        versions: ['>=0.8.0', '<1.9.0']
+reference: composer://react/http