What is CVE-2022-24775?

A high-severity vulnerability in GuzzlePHP's PSR-7 HTTP message library allows improper header parsing, potentially leading to unauthorized data manipulation. Organizations must patch immediately to mitigate risks.

What is the severity of CVE-2022-24775?

CVE-2022-24775 has a severity rating of HIGH with a CVSS base score of 7.5.

CVE-2022-24775 | High Vulnerability in GuzzlePHP PSR-7

CVE-2022-24775 is a high-severity vulnerability affecting the GuzzlePHP PSR-7 HTTP message library. This vulnerability allows improper header parsing in versions prior to 1.8.4 and 2.1.1. An attacker could exploit this issue by sneaking in a new line character, which could lead to the passing of untrusted values. The issue has been patched in versions 1.8.4 and 2.1.1, and as of now, there are no known workarounds.

The CVSS score for this vulnerability is 7.5, which categorizes it as high severity. This level of risk indicates that organizations using affected versions should act promptly to address the vulnerability, particularly since exploitation can occur over the network and requires no user interaction.

Given the nature of the vulnerability, the risk to organizations includes potential unauthorized manipulation of data, which could have significant implications for data integrity. With the vulnerability being actively discussed in the security community, it is crucial for organizations to prioritize patching immediately.

Currently, there are no public exploits known for this vulnerability, but the potential for exploitation exists, necessitating a strong response from security teams.

Vulnerability Details

The vulnerability allows for improper header parsing, which can lead to attackers injecting untrusted values into HTTP headers. The affected product is the GuzzleHTTP PSR-7 library, specifically versions before 1.8.4 and 2.1.1. The issue was published on March 21, 2022, and has been documented under CWE-20, indicating improper input validation.

Technical Analysis

The root cause of this vulnerability stems from improper parsing of HTTP headers, where an attacker can introduce new line characters. This exploitation can occur over the network with low attack complexity, requiring no privileges or user interaction. The attack's impact is primarily on data integrity, as unauthorized data manipulation may occur, but it has no effect on confidentiality or availability.

Risk & Impact Analysis

Organizations using affected versions of GuzzlePHP's PSR-7 library are exposed to risks that could lead to data integrity issues. Given the high CVSS score of 7.5, this vulnerability should be treated as a priority for remediation. The exploitation of this vulnerability could have a broad impact on applications relying on the GuzzleHTTP library, necessitating immediate patching.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The vulnerable versions of the GuzzleHTTP PSR-7 library include all versions prior to 1.8.4 and any version before 2.1.1. Additionally, Drupal versions between 8.0.0 to 9.2.15 and 9.3.0 to 9.3.8 are also affected.

Mitigation & Remediation

Organizations should prioritize updating to GuzzleHTTP PSR-7 versions 1.8.4 or 2.1.1 to mitigate this vulnerability. If immediate patching is not feasible, implementing strict input validation can help reduce the risk, although this is not a complete solution. Regular security assessments and utilizing services like penetration testing can also provide insights into the security posture and potential vulnerabilities in the applications.

Detection Guidance

To detect potential exploitation of this vulnerability, organizations should monitor logs for unusual HTTP header values or patterns indicative of header injection attempts. Behavioral anomalies in application performance or user access patterns may also signal exploitation attempts that require further investigation.

AppSecure Threat Intelligence Insight

The long-term significance of CVE-2022-24775 highlights the importance of proper input validation in application development. This vulnerability serves as a reminder of common pitfalls in input handling that can lead to severe security issues. Security teams should take this opportunity to review their existing codebases for similar vulnerabilities and implement robust input validation mechanisms. For more insights on securing applications, organizations can refer to the web application penetration testing guide and adopt best practices to enhance their security posture.

Additionally, understanding the patterns of similar vulnerabilities in the past can aid in predicting future risks and preparing defenses. Continuous education and awareness within development teams are essential to mitigate risks effectively.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2022-24775: High Vulnerability in GuzzlePHP PSR-7