Vulnerability Database

296,480

Total vulnerabilities in the database

amphp/http Host Header Injection vulnerability

amphp/http versions before 1.0.1 allows an attacker to supply invalid input in the Host header which may lead to various type of Host header injection attacks.

Published: May 15, 2024
Updated: Jun 27, 2024
GHSA: GHSA-8v5x-6vv5-jv4g
Severity: Medium
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
amphp / http	-	1.0.1

https://github.com/amphp/http/commit/16e465fa82555104d1cff98cb8e412295a380214
https://github.com/amphp/http/pull/4
https://github.com/amphp/http/releases/tag/v1.0.1
https://github.com/FriendsOfPHP/security-advisories/blob/master/amphp/http/2018-03-15.yaml

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo