Description
guzzlehttp/psr7 is a PSR-7 HTTP message library. Versions prior to 1.8.4 and 2.1.1 are vulnerable to improper header parsing. An attacker could sneak in a new line character and pass untrusted values. The issue is patched in 1.8.4 and 2.1.1. There are currently no known workarounds.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2018-2633 Vulnerability (CVE-2018-2633)
WordPress Plugin VideoWhisper Video Presentation Arbitrary File Upload (3.31.17)
WordPress Plugin WP Booking System Multiple Vulnerabilities (1.5.1)
WordPress Plugin Membership Simplified Multiple SQL Injection Vulnerabilities (1.58)
Jetty Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-28169)