You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
Improper Input Validation in nyholm/psr7
Moderate severity
GitHub Reviewed
Published
Apr 17, 2023
in
Nyholm/psr7
•
Updated Apr 24, 2023
Improper header parsing. An attacker could sneak in a newline (\n) into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will also accept \n\n.
Impact
Improper header parsing. An attacker could sneak in a newline (
\n) into both the header names and values. While the specification states that\r\n\r\nis used to terminate the header list, many servers in the wild will also accept\n\n.Patches
The issue is patched in 1.6.1.
Workarounds
There are no known workarounds.
References
References