
GHSA-9jxr-mwpp-w643: Improper header validation in httpsoft/http-message

CVSS Score: 5.3 (CVSS v3.1)

Basic Information

CVE ID: -
EPSS Score: -
Published: 4/21/2023
Updated: 4/21/2023
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| httpsoft/http-message | composer | < 1.0.12 | 1.0.12 |

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability stems from improper validation of header delimiters and newline characters. The HTTP specification requires the header block to be terminated with '\r\n\r\n', but many servers also accept '\n\n'. Functions responsible for parsing headers (e.g., from server globals or raw strings) are likely vulnerable if they: (1) split headers on '\n' instead of '\r\n', (2) accept '\n\n' as the header-body separator, or (3) fail to reject a bare '\n' in header names or values. The ServerRequestFactory and Message classes are the core components for header parsing in PSR-7 implementations, which makes their header-handling functions high-confidence candidates.
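The three weaknesses listed above can be seen side by side in a small PHP script. This is an added example written for this page, not code from httpsoft/http-message: it pairs a "weak" validator that only looks for the exact `\r\n` pair with a strict validator that rejects any CR or LF (and enforces RFC 7230 token syntax for names), and pairs a lenient raw-header splitter with a strict one. The function names and the sample header values are constructed for the demonstration.

```php
<?php
declare(strict_types=1);

// Weak check (the pattern the advisory describes): only the exact CRLF pair is
// rejected, so a bare "\n" inside a value is accepted.
function weakHeaderValueIsValid(string $value): bool
{
    return strpos($value, "\r\n") === false;
}

// Strict check, modelled on RFC 7230 field-value rules: visible ASCII, SP, HTAB
// and obs-text (0x80-0xFF) only. CR (0x0D), LF (0x0A) and DEL (0x7F) are
// excluded. "\z" is used instead of "$" because "$" would match before a
// trailing newline and let "value\n" through.
function strictHeaderValueIsValid(string $value): bool
{
    return preg_match('/^[\x20\x09\x21-\x7E\x80-\xFF]*\z/', $value) === 1;
}

// Header names must be RFC 7230 tokens; the token alphabet excludes CR, LF,
// whitespace and ':'.
function strictHeaderNameIsValid(string $name): bool
{
    return preg_match('/^[!#$%&\'*+\-.^_`|~0-9A-Za-z]+\z/', $name) === 1;
}

// Lenient raw-header parser: splits lines on "\n" and treats "\n\n" as the end
// of the header block, so an LF smuggled into one value becomes a new header.
function parseHeadersLenient(string $raw): array
{
    [$head] = explode("\n\n", $raw, 2);
    $headers = [];
    foreach (explode("\n", $head) as $line) {
        if (strpos($line, ':') === false) {
            continue;
        }
        [$name, $value] = explode(':', $line, 2);
        $headers[trim($name)][] = trim($value);
    }
    return $headers;
}

// Strict raw-header parser: only "\r\n" separates lines and only "\r\n\r\n"
// ends the header block; every name and value is validated before use.
function parseHeadersStrict(string $raw): array
{
    [$head] = explode("\r\n\r\n", $raw, 2);
    $headers = [];
    foreach (explode("\r\n", $head) as $line) {
        if ($line === '') {
            continue;
        }
        if (strpos($line, ':') === false) {
            throw new InvalidArgumentException('Malformed header line');
        }
        [$name, $value] = explode(':', $line, 2);
        $value = trim($value, " \t");
        if (!strictHeaderNameIsValid($name)) {
            throw new InvalidArgumentException('Invalid header name');
        }
        if (!strictHeaderValueIsValid($value)) {
            throw new InvalidArgumentException('Invalid header value');
        }
        $headers[$name][] = $value;
    }
    return $headers;
}

// --- Demonstration on constructed input ------------------------------------

// A value carrying a bare LF followed by a second header line.
$smuggled = "text/html\nX-Injected: yes";
var_dump(weakHeaderValueIsValid($smuggled));   // bool(true)  - accepted
var_dump(strictHeaderValueIsValid($smuggled)); // bool(false) - rejected

// A raw header block that uses LF-only line endings.
$raw = "Host: example.test\nX-Injected: 1\n\nbody";
print_r(parseHeadersLenient($raw)); // two headers: Host and X-Injected

try {
    parseHeadersStrict($raw); // whole block is one "line" with LF in the value
} catch (InvalidArgumentException $e) {
    echo 'strict parser rejected input: ', $e->getMessage(), PHP_EOL;
}

// Well-formed CRLF input is accepted by the strict parser.
print_r(parseHeadersStrict("Host: example.test\r\nAccept: */*\r\n\r\nbody"));
```

The strict functions are what a PSR-7 `withHeader()` / `withAddedHeader()` implementation should apply before storing a name or value; the lenient parser is included only to show how "\n"-based splitting turns one injected value into an extra header, which is the integrity impact (I:L) recorded in the CVSS vector above.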


WAF Protection Rules

WAF Rule

### Impact

Improper header parsing. An attacker could sneak in a newline (`\n`) into both the header names and values. While the specification states that `\r\n\r\n` is used to terminate the header list, many servers in the wild will also accept `\n
