[LOW] CVE-2024-50345: Open redirect via browser-sanitized URLs

PKSA-b35n-565h-rs4q CVE-2024-50345 GHSA-mrqx-rp3w-jpjp

Affected version: >=2.0.0,<3.0.0|>=3.0.0,<4.0.0|>=4.0.0,<5.0.0|>=5.0.0,<5.1.0|>=5.1.0,<5.2.0|>=5.2.0,<5.3.0|>=5.3.0,<5.4.0|>=5.4.0,<5.4.46|>=6.0.0,<6.1.0|>=6.1.0,<6.2.0|>=6.2.0,<6.3.0|>=6.3.0,<6.4.0|>=6.4.0,<6.4.14|>=7.0.0,<7.1.0|>=7.1.0,<7.1.7

Reported by:
GitHub, FriendsOfPHP/security-advisories

[HIGH] CVE-2019-18888: Prevent argument injection in a MimeTypeGuesser

PKSA-9w98-4rwq-spxr CVE-2019-18888 GHSA-xhh6-956q-4q69

Affected version: >=2.0.0,<2.1.0|>=2.1.0,<2.2.0|>=2.2.0,<2.3.0|>=2.3.0,<2.4.0|>=2.4.0,<2.5.0|>=2.5.0,<2.6.0|>=2.6.0,<2.7.0|>=2.7.0,<2.8.0|>=2.8.0,<2.8.52|>=3.0.0,<3.1.0|>=3.1.0,<3.2.0|>=3.2.0,<3.3.0|>=3.3.0,<3.4.0|>=3.4.0,<3.4.35|>=4.0.0,<4.1.0|>=4.1.0,<4.2.0|>=4.2.0,<4.2.12|>=4.3.0,<4.3.8

Reported by:
GitHub, FriendsOfPHP/security-advisories

[CRITICAL] CVE-2019-10913: Reject invalid HTTP method overrides

PKSA-324d-pqmd-hptz CVE-2019-10913 GHSA-x92h-wmg2-6hp7

Affected version: >=2.7.0,<2.7.51|>=2.8.0,<2.8.50|>=3.0.0,<3.1.0|>=3.1.0,<3.2.0|>=3.2.0,<3.3.0|>=3.3.0,<3.4.0|>=3.4.0,<3.4.26|>=4.0.0,<4.1.0|>=4.1.0,<4.1.12|>=4.2.0,<4.2.7

Reported by:
GitHub, FriendsOfPHP/security-advisories