guzzlehttp/psr7 Security Advisories for 1.6.0 (5)
-
[MEDIUM] CRLF injection in HTTP start-line serialization
PKSA-7qs6-zvnz-h66r CVE-2026-55766 GHSA-vm85-hxw5-5432
Affected version: <2.12.1
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] Host confusion via authority reinterpretation
PKSA-jj5t-2zs1-dcfm CVE-2026-48998 GHSA-34xg-wgjx-8xph
Affected version: <2.10.2
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] CRLF injection via URI host component
PKSA-gm5x-j3mz-71n9 CVE-2026-49214 GHSA-hq7v-mx3g-29hw
Affected version: <2.10.2
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] Improper header validation
PKSA-hn62-zkx4-1y5q CVE-2023-29197 GHSA-wxmh-65f7-jcvw
Affected version: >=2,<2.4.5|<1.9.1
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] Inproper parsing of HTTP headers
PKSA-gvzg-s447-b5b5 CVE-2022-24775 GHSA-q7rv-6hp3-vh96
Affected version: >=2,<2.1.1|<1.8.4
Reported by:
GitHub, FriendsOfPHP/security-advisories