Laminas Project
  • About
    Overview Technical Steering Committee About the Foundation Security
  • Blog
  • Docs
  • Community
  • Support Laminas
    Overview Sponsor Laminas Development Commercial Vendor Program

Security Advisories

Vulnerabilities reported against the Laminas Project, and recommendations for mitigation

LP-2023-01: HTTP Multiline Header Termination Vulnerability

Published 2023-04-17

LP-2022-02: HTTP Host Header Attack Vulnerabilities

Published 2022-07-25

LP-2022-01: Reflected XSS vectors in laminas/laminas-form

Published 2022-01-28

LP-2020-02: XSS and RCE vectors in laminas-api-tools/api-tools-documentation-swagger

Published 2020-04-01

LP-2020-01: XSS vectors in laminas-api-tools/api-tools

Published 2020-04-01

  • Overview
  • Advisories
  • Feed

Have you identified a security vulnerability?

Please report it to us at security@getlaminas.org

Laminas – The Linux Foundation's only PHP project
  • Mezzio PSR-15 middleware in minutes
  • Laminas Components Enterprise-ready PHP components
  • Maintenance Overview Current maintenance status of Laminas & Mezzio packages

Hosting sponsored by the platform.sh logo PHP Cloud Hosting Service

Support
  • Laminas & Mezzio Forum
  • Laminas Community Slack
  • Laminas GitHub Organisation Page
  • Laminas on Mastodon
  • Blog article RSS Feed
License

Code licensed under BSD 3-Clause.

Copyright

© 2025 Laminas Project a Series of LF Projects, LLC.