saloonphp/saloon Security Advisories for v0.2.0 (3)
-
[HIGH] Saloon has insecure deserialization in AccessTokenAuthenticator
PKSA-xnj5-w74d-6wmz CVE-2026-33942 GHSA-rf88-776r-rcq9
Affected version: <4.0.0
Reported by:
GitHub -
[MEDIUM] Saloon has a Fixture Name Path Traversal Vulnerability
PKSA-rnpm-45mg-w6ht CVE-2026-33183 GHSA-f7xc-5852-fj99
Affected version: <4.0.0
Reported by:
GitHub -
[MEDIUM] Saloon is vulnerable to SSRF and credential leakage via absolute URL in endpoint overriding base URL
PKSA-5szq-gvrg-ttfq CVE-2026-33182 GHSA-c83f-3xp6-hfcp
Affected version: <4.0.0
Reported by:
GitHub