Impact
guzzlehttp/psr7 did not filter CR/LF characters in certain first-party HTTP start-line fields (request method, protocol version, and response reason phrase) before version 2.12.1. If an application places attacker-controlled data into any of these fields and later serializes the PSR-7 message to raw HTTP/1.x text, the serialized output may contain additional, attacker-chosen header lines, enabling HTTP response splitting or similar message-malleability attacks against downstream consumers. The same condition can arise through the Message::parseRequest() and Message::parseResponse() functions when malformed raw messages are parsed into PSR-7 objects and then re-serialized. Creating or modifying a PSR-7 object alone does not trigger the flaw; the message must be serialized and transmitted to software that does not independently reject malformed start-line characters. The issue is fixed in 2.12.1.
Affected Systems
The vulnerability affects the guzzlehttp/psr7 library in all releases older than 2.12.1. Any PHP application that incorporates this library, can place attacker-controlled values into the request method, protocol version, or response reason phrase, and subsequently serializes the message to raw HTTP output can be impacted. This includes code that writes PSR-7 requests or responses to the network or forwards them to other services.
Risk and Exploitability
The CVSS score of 4.8 denotes moderate severity. No EPSS score is available, so the exploitation probability is unknown. The vulnerability is not listed in the CISA KEV catalog. Based on the description, exploitation requires the attacker to inject CR/LF characters into a start-line field, then trigger serialization of the PSR-7 object, and finally have the resulting raw HTTP text reach a system that does not independently reject malformed start lines. The risk is elevated for applications that expose PSR-7 serialization to external input or that forward serialized requests or responses to untrusted networks.
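The upgrade to 2.12.1 is the fix. For applications that cannot upgrade immediately, or that want defence in depth on the serialization path the advisory describes, the following added example (not guzzlehttp/psr7 project code) checks the three start-line fields named above on the PSR-7 object itself before Message::toString() is called, so the same guard also covers the parseRequest()/parseResponse() re-serialization path. It assumes guzzlehttp/psr7 is installed via Composer; the helper names unsafeStartLineFields() and serializeChecked() are this example's own, and the tainted reason phrase is a constructed sample.

```php
<?php
// Added example, not guzzlehttp/psr7 project code. Guards the PSR-7
// start-line fields the advisory names (method, protocol version, reason
// phrase) before a message is serialized with Message::toString().
// Assumes guzzlehttp/psr7 is installed via Composer (vendor/autoload.php).
declare(strict_types=1);

require __DIR__ . '/vendor/autoload.php';

use GuzzleHttp\Psr7\Message;
use GuzzleHttp\Psr7\Request;
use GuzzleHttp\Psr7\Response;
use Psr\Http\Message\MessageInterface;
use Psr\Http\Message\RequestInterface;
use Psr\Http\Message\ResponseInterface;

/**
 * Hypothetical helper (this example's own name): returns the names of the
 * start-line fields that contain CR, LF or NUL. An empty array means the
 * start line is safe to serialize.
 */
function unsafeStartLineFields(MessageInterface $message): array
{
    $fields = ['protocol version' => $message->getProtocolVersion()];
    if ($message instanceof RequestInterface) {
        $fields['method'] = $message->getMethod();
    } elseif ($message instanceof ResponseInterface) {
        $fields['reason phrase'] = $message->getReasonPhrase();
    }

    $unsafe = [];
    foreach ($fields as $name => $value) {
        if (preg_match('/[\r\n\x00]/', $value) === 1) {
            $unsafe[] = $name;
        }
    }
    return $unsafe;
}

/**
 * Serialize only after the guard passes; throw otherwise so the raw text
 * never reaches the network or a downstream service.
 */
function serializeChecked(MessageInterface $message): string
{
    $unsafe = unsafeStartLineFields($message);
    if ($unsafe !== []) {
        throw new RuntimeException(
            'Refusing to serialize: CR/LF in ' . implode(', ', $unsafe)
        );
    }
    return Message::toString($message);
}

// Constructed sample: a reason phrase carrying CR/LF, as an untrusted caller
// might supply it. On releases before 2.12.1 the object is built without
// complaint and only the guard stops serialization; on 2.12.1 and later the
// constructor itself may already reject the value, which is caught too.
try {
    $tainted = new Response(200, ['Content-Type' => 'text/plain'], 'ok', '1.1',
        "OK\r\nX-Constructed-Sample: 1");
    serializeChecked($tainted);
} catch (InvalidArgumentException | RuntimeException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}

// Clean request: the guard passes and the raw HTTP/1.1 text is produced.
$clean = new Request('GET', 'https://example.test/resource');
echo serializeChecked($clean);

// Re-serialization path from the advisory: parse raw text into a PSR-7
// object, then apply the same guard before writing it back out.
$parsed = Message::parseResponse(
    "HTTP/1.1 204 No Content\r\nContent-Length: 0\r\n\r\n"
);
echo serializeChecked($parsed);
```

The check is deliberately placed on the object rather than on the serialized string: once the text has been produced, an injected line is indistinguishable from a legitimate header, whereas the method, version and reason phrase are still separate values on the PSR-7 object and can be rejected individually.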