guzzlehttp/psr7 Security Advisories for 2.2.2 (4)
-
[MEDIUM] CRLF injection in HTTP start-line serialization
PKSA-7qs6-zvnz-h66r CVE-2026-55766 GHSA-vm85-hxw5-5432
Affected version: <2.12.1
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] Host confusion via authority reinterpretation
PKSA-jj5t-2zs1-dcfm CVE-2026-48998 GHSA-34xg-wgjx-8xph
Affected version: <2.10.2
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] CRLF injection via URI host component
PKSA-gm5x-j3mz-71n9 CVE-2026-49214 GHSA-hq7v-mx3g-29hw
Affected version: <2.10.2
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] Improper header validation
PKSA-hn62-zkx4-1y5q CVE-2023-29197 GHSA-wxmh-65f7-jcvw
Affected version: >=2,<2.4.5|<1.9.1
Reported by:
GitHub, FriendsOfPHP/security-advisories