amphp/http

Releases23

Frequency3 months 3 weeks

Last Release over 1 year ago

Stars103

HTTP primitives which can be shared by servers and clients.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-2653 ↗	Apr 3, 2024Wednesday, 3 April 2024, 18:15	8.2 HIGH	—
amphp/http will collect CONTINUATION frames in an unbounded buffer and will not check a limit until it has received the set END_HEADERS flag, resulting in an OOM crash.