In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: php
Published: 2022-09-28T22:25:10.116784Z
Updated: 2024-09-16T19:51:39.203Z
Reserved: 2022-05-25T00:00:00
Link: CVE-2022-31629
Vulnrichment
Updated: 2024-08-03T07:26:00.718Z
NVD
Status : Modified
Published: 2022-09-28T23:15:10.540
Modified: 2024-05-01T17:15:24.897
Link: CVE-2022-31629
Redhat