CVE-2026-48998 | guzzle psr7 up to 2.10.1 Message::parseRequest missing initialization (GHSA-34xg-wgjx-8xph)

Inserito da Angelo Barbosa | Giu 11, 2026 | CVE

A vulnerability identified as problematic has been detected in guzzle psr7 up to 2.10.1. This impacts the function Message::parseRequest. The manipulation leads to missing initialization of a variable. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is traded as CVE-2026-48998. It is possible to initiate the attack remotely. There is no exploit available.

You should upgrade the affected component.

CVE-2026-48998 | guzzle psr7 up to 2.10.1 Message::parseRequest missing initialization (GHSA-34xg-wgjx-8xph)

Post correlati

CVE-2022-4975 | Red Hat Advanced Cluster Security Portal /main/configmanagement/ cross site scripting

CVE-2024-24059 | springboot-manager 1.6 unrestricted upload

CVE-2024-42328 | Zabbix up to 7.0.2 curl_write_cb unchecked return value to null pointer dereference

CVE-2019-25211 | Gonic Gin-Gonic CORS Middleware up to 1.5.x cross-domain policy