Laminas Project
  • About
    Overview Technical Steering Committee About the Foundation Security
  • Blog
  • Docs
  • Community
  • Support Laminas
    Overview Sponsor Laminas Development Commercial Vendor Program

Security Advisories

Vulnerabilities reported against the Laminas Project, and recommendations for mitigation

LP-2023-01: HTTP Multiline Header Termination Vulnerability

Published 2023-04-17

LP-2022-02: HTTP Host Header Attack Vulnerabilities

Published 2022-07-25

LP-2022-01: Reflected XSS vectors in laminas/laminas-form

Published 2022-01-28

LP-2020-02: XSS and RCE vectors in laminas-api-tools/api-tools-documentation-swagger

Published 2020-04-01

LP-2020-01: XSS vectors in laminas-api-tools/api-tools

Published 2020-04-01

  • Overview
  • Advisories
  • Feed

Have you identified a security vulnerability?

Please report it to us at security@getlaminas.org

Laminas
  • Mezzio PSR-15 middleware in minutes
  • Components Components for enterprise applications
  • MVC MVC for enterprise applications
  • API Tools Build RESTful APIs in minutes
  • Maintenance Overview Current maintenance status of Laminas & Mezzio packages

Support

License

Code licensed under BSD 3-Clause.

Copyright

© 2025 by Laminas Project a Series of LF Projects, LLC.

Design by Blackpoints AG
Hosting sponsored by the platform.sh logo PHP Cloud Hosting Service
The Linux Foundation's only PHP project.