amphp/http Host Header Injection vulnerability

Published: May 15, 2024
Updated: Jun 27, 2024
GHSA: <a href="https://github.com/advisories/GHSA-8v5x-6vv5-jv4g" target="_blank" rel="noopener"> GHSA-8v5x-6vv5-jv4g
Severity: Medium
Exploit:

amphp/http versions before 1.0.1 allows an attacker to supply invalid input in the Host header which may lead to various type of Host header injection attacks.