[HIGH] HTTP Multiline Header Termination

PKSA-yg4s-vh6g-jnyh CVE-2023-29530 GHSA-xv3h-4844-9h36

Affected version: >=2.25.0,<2.25.2|>=2.24.0,<2.24.2|=2.23.0|=2.22.0|=2.21.0|=2.20.0|=2.19.0|<2.18.1

Reported by:
GitHub

[MEDIUM] Diactoros before 2.11.1 vulnerable to HTTP Host Header Attack.

PKSA-wdyb-c3m7-9v88 CVE-2022-31109 GHSA-8274-h5jp-97vr

Affected version: <2.11.1

Reported by:
GitHub, FriendsOfPHP/security-advisories