Security Advisories
Vulnerabilities reported against the Laminas Project, and recommendations for mitigation
LP-2023-01: HTTP Multiline Header Termination Vulnerability
Published 2023-04-17
LP-2022-02: HTTP Host Header Attack Vulnerabilities
Published 2022-07-25
LP-2022-01: Reflected XSS vectors in laminas/laminas-form
Published 2022-01-28
LP-2020-02: XSS and RCE vectors in laminas-api-tools/api-tools-documentation-swagger
Published 2020-04-01
LP-2020-01: XSS vectors in laminas-api-tools/api-tools
Published 2020-04-01
Have you identified a security vulnerability?
Please report it to us at security@getlaminas.org