Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-fr6v-6ctc-13aj
Summary
Diactoros before 2.11.1 vulnerable to HTTP Host Header Attack
### Impact

Applications that use Diactoros, and are either not behind a proxy, or can be accessed via untrusted proxies, can potentially have the host, protocol, and/or port of a `Laminas\Diactoros\Uri` instance associated with the incoming server request modified to reflect values from `X-Forwarded-*` headers. Such changes can potentially lead to XSS attacks (if a fully-qualified URL is used in links) and/or URL poisoning.

### Patches

Any version after 2.11.0.

Starting in laminas/laminas-diactoros 2.11.1, we have added `Laminas\Diactoros\ServerRequestFilter\FilterServerRequestInterface`, which defines the single method `__invoke(Psr\Http\Message\ServerRequestInterface $request): Psr\Http\Message\ServerRequestInterface`. Filters implementing this interface allow modifying and returning a generated `ServerRequest`.

The primary use case of the interface is to allow modifying the generated URI based on the presence of headers such as `X-Forwarded-Host`. When operating behind a reverse proxy, the `Host` header is often rewritten to the name of the node to which the request is being forwarded, and an `X-Forwarded-Host` header is generated with the original `Host` value to allow the server to determine the original host the request was intended for. (We have always examined the `X-Forwarded-Proto` header; as of Diactoros 2.11.1, we also examine the `X-Forwarded-Port` header.) To accommodate this use case, we created Laminas\Diactoros\ServerRequestFilter\FilterUsingXForwardedHeaders.

Due to potential security issues, it is generally best to only accept these headers if you trust the reverse proxy that has initiated the request.
(This value is found in `$_SERVER['REMOTE_ADDR']`, which is present as `$request->getServerParams()['REMOTE_ADDR']` within PSR-7 implementations.) `FilterUsingXForwardedHeaders` provides named constructors to allow you to trust these headers from any source (which has been the default behavior of Diactoros since the beginning), or to specify specific IP addresses or CIDR subnets to trust, along with which headers are trusted.

`Laminas\Diactoros\ServerRequestFactory::fromGlobals()` was updated to accept a `FilterServerRequestInterface` as an additional, optional argument. Since the `X-Forwarded-*` headers do have valid use cases, particularly in clustered environments using a load balancer, to prevent backwards compatibility breaks, if no filter is provided, we generate an instance via `FilterUsingXForwardedHeaders::trustReservedSubnets()`, which generates an instance marked to trust only proxies on private subnets.

### Workarounds

Infrastructure or DevOps can configure web servers to reject `X-Forwarded-*` headers at the web server level.

Users of laminas/laminas-diactoros can make use of the `Laminas\Diactoros\RequestFilter\RequestFilterInterface` functionality in order to either (a) disable usage of the `X-Forwarded-*` headers entirely, (b) opt-in to it, or (c) opt-in to the usage for configured proxy servers.

### References

- [HTTP Host Header Attacks](https://portswigger.net/web-security/host-header)

### For more information

If you have any questions or comments about this advisory:

- Open an issue in [laminas/laminas-diactoros](https://github.com/laminas/laminas-diactoros/)
- [Email us](mailto:security@getlaminas.org)
Aliases
0
alias CVE-2022-31109
1
alias GHSA-8274-h5jp-97vr
2
alias GMS-2022-3226
Fixed_packages
0
url pkg:composer/laminas/laminas-diactoros@2.11.1
purl pkg:composer/laminas/laminas-diactoros@2.11.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.11.1
Affected_packages
0
url pkg:composer/laminas/laminas-diactoros@1.0.0
purl pkg:composer/laminas/laminas-diactoros@1.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.0.0
1
url pkg:composer/laminas/laminas-diactoros@1.0.1
purl pkg:composer/laminas/laminas-diactoros@1.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.0.1
2
url pkg:composer/laminas/laminas-diactoros@1.0.2
purl pkg:composer/laminas/laminas-diactoros@1.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.0.2
3
url pkg:composer/laminas/laminas-diactoros@1.0.3
purl pkg:composer/laminas/laminas-diactoros@1.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.0.3
4
url pkg:composer/laminas/laminas-diactoros@1.0.4
purl pkg:composer/laminas/laminas-diactoros@1.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.0.4
5
url pkg:composer/laminas/laminas-diactoros@1.0.5
purl pkg:composer/laminas/laminas-diactoros@1.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.0.5
6
url pkg:composer/laminas/laminas-diactoros@1.1.0
purl pkg:composer/laminas/laminas-diactoros@1.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.1.0
7
url pkg:composer/laminas/laminas-diactoros@1.1.1
purl pkg:composer/laminas/laminas-diactoros@1.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.1.1
8
url pkg:composer/laminas/laminas-diactoros@1.1.2
purl pkg:composer/laminas/laminas-diactoros@1.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.1.2
9
url pkg:composer/laminas/laminas-diactoros@1.1.3
purl pkg:composer/laminas/laminas-diactoros@1.1.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.1.3
10
url pkg:composer/laminas/laminas-diactoros@1.1.4
purl pkg:composer/laminas/laminas-diactoros@1.1.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.1.4
11
url pkg:composer/laminas/laminas-diactoros@1.2.0
purl pkg:composer/laminas/laminas-diactoros@1.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.2.0
12
url pkg:composer/laminas/laminas-diactoros@1.2.1
purl pkg:composer/laminas/laminas-diactoros@1.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.2.1
13
url pkg:composer/laminas/laminas-diactoros@1.3.0
purl pkg:composer/laminas/laminas-diactoros@1.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.0
14
url pkg:composer/laminas/laminas-diactoros@1.3.1
purl pkg:composer/laminas/laminas-diactoros@1.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.1
15
url pkg:composer/laminas/laminas-diactoros@1.3.2
purl pkg:composer/laminas/laminas-diactoros@1.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.2
16
url pkg:composer/laminas/laminas-diactoros@1.3.3
purl pkg:composer/laminas/laminas-diactoros@1.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.3
17
url pkg:composer/laminas/laminas-diactoros@1.3.4
purl pkg:composer/laminas/laminas-diactoros@1.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.4
18
url pkg:composer/laminas/laminas-diactoros@1.3.5
purl pkg:composer/laminas/laminas-diactoros@1.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.5
19
url pkg:composer/laminas/laminas-diactoros@1.3.6
purl pkg:composer/laminas/laminas-diactoros@1.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.6
20
url pkg:composer/laminas/laminas-diactoros@1.3.7
purl pkg:composer/laminas/laminas-diactoros@1.3.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.7
21
url pkg:composer/laminas/laminas-diactoros@1.3.8
purl pkg:composer/laminas/laminas-diactoros@1.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.8
22
url pkg:composer/laminas/laminas-diactoros@1.3.9
purl pkg:composer/laminas/laminas-diactoros@1.3.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.9
23
url pkg:composer/laminas/laminas-diactoros@1.3.10
purl pkg:composer/laminas/laminas-diactoros@1.3.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.10
24
url pkg:composer/laminas/laminas-diactoros@1.3.11
purl pkg:composer/laminas/laminas-diactoros@1.3.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.11
25
url pkg:composer/laminas/laminas-diactoros@1.4.0
purl pkg:composer/laminas/laminas-diactoros@1.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.4.0
26
url pkg:composer/laminas/laminas-diactoros@1.4.1
purl pkg:composer/laminas/laminas-diactoros@1.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.4.1
27
url pkg:composer/laminas/laminas-diactoros@1.5.0
purl pkg:composer/laminas/laminas-diactoros@1.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.5.0
28
url pkg:composer/laminas/laminas-diactoros@1.6.0
purl pkg:composer/laminas/laminas-diactoros@1.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.6.0
29
url pkg:composer/laminas/laminas-diactoros@1.6.1
purl pkg:composer/laminas/laminas-diactoros@1.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.6.1
30
url pkg:composer/laminas/laminas-diactoros@1.7.0
purl pkg:composer/laminas/laminas-diactoros@1.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.7.0
31
url pkg:composer/laminas/laminas-diactoros@1.7.1
purl pkg:composer/laminas/laminas-diactoros@1.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.7.1
32
url pkg:composer/laminas/laminas-diactoros@1.7.2
purl pkg:composer/laminas/laminas-diactoros@1.7.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.7.2
33
url pkg:composer/laminas/laminas-diactoros@1.8.0p1
purl pkg:composer/laminas/laminas-diactoros@1.8.0p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.0p1
34
url pkg:composer/laminas/laminas-diactoros@1.8.0p2
purl pkg:composer/laminas/laminas-diactoros@1.8.0p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.0p2
35
url pkg:composer/laminas/laminas-diactoros@1.8.0
purl pkg:composer/laminas/laminas-diactoros@1.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.0
36
url pkg:composer/laminas/laminas-diactoros@1.8.1p1
purl pkg:composer/laminas/laminas-diactoros@1.8.1p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.1p1
37
url pkg:composer/laminas/laminas-diactoros@1.8.1p2
purl pkg:composer/laminas/laminas-diactoros@1.8.1p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.1p2
38
url pkg:composer/laminas/laminas-diactoros@1.8.1
purl pkg:composer/laminas/laminas-diactoros@1.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.1
39
url pkg:composer/laminas/laminas-diactoros@1.8.2p1
purl pkg:composer/laminas/laminas-diactoros@1.8.2p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.2p1
40
url pkg:composer/laminas/laminas-diactoros@1.8.2p2
purl pkg:composer/laminas/laminas-diactoros@1.8.2p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.2p2
41
url pkg:composer/laminas/laminas-diactoros@1.8.2
purl pkg:composer/laminas/laminas-diactoros@1.8.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.2
42
url pkg:composer/laminas/laminas-diactoros@1.8.3p1
purl pkg:composer/laminas/laminas-diactoros@1.8.3p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.3p1
43
url pkg:composer/laminas/laminas-diactoros@1.8.3p2
purl pkg:composer/laminas/laminas-diactoros@1.8.3p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.3p2
44
url pkg:composer/laminas/laminas-diactoros@1.8.3
purl pkg:composer/laminas/laminas-diactoros@1.8.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.3
45
url pkg:composer/laminas/laminas-diactoros@1.8.4p1
purl pkg:composer/laminas/laminas-diactoros@1.8.4p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.4p1
46
url pkg:composer/laminas/laminas-diactoros@1.8.4p2
purl pkg:composer/laminas/laminas-diactoros@1.8.4p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.4p2
47
url pkg:composer/laminas/laminas-diactoros@1.8.4
purl pkg:composer/laminas/laminas-diactoros@1.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.4
48
url pkg:composer/laminas/laminas-diactoros@1.8.5p1
purl pkg:composer/laminas/laminas-diactoros@1.8.5p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.5p1
49
url pkg:composer/laminas/laminas-diactoros@1.8.5p2
purl pkg:composer/laminas/laminas-diactoros@1.8.5p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.5p2
50
url pkg:composer/laminas/laminas-diactoros@1.8.5
purl pkg:composer/laminas/laminas-diactoros@1.8.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.5
51
url pkg:composer/laminas/laminas-diactoros@1.8.6p1
purl pkg:composer/laminas/laminas-diactoros@1.8.6p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.6p1
52
url pkg:composer/laminas/laminas-diactoros@1.8.6p2
purl pkg:composer/laminas/laminas-diactoros@1.8.6p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.6p2
53
url pkg:composer/laminas/laminas-diactoros@1.8.6
purl pkg:composer/laminas/laminas-diactoros@1.8.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.6
54
url pkg:composer/laminas/laminas-diactoros@1.8.7p1
purl pkg:composer/laminas/laminas-diactoros@1.8.7p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.7p1
55
url pkg:composer/laminas/laminas-diactoros@1.8.7p2
purl pkg:composer/laminas/laminas-diactoros@1.8.7p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.7p2
56
url pkg:composer/laminas/laminas-diactoros@1.8.7
purl pkg:composer/laminas/laminas-diactoros@1.8.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.7
57
url pkg:composer/laminas/laminas-diactoros@2.0.0p1
purl pkg:composer/laminas/laminas-diactoros@2.0.0p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.0p1
58
url pkg:composer/laminas/laminas-diactoros@2.0.0p2
purl pkg:composer/laminas/laminas-diactoros@2.0.0p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.0p2
59
url pkg:composer/laminas/laminas-diactoros@2.0.0
purl pkg:composer/laminas/laminas-diactoros@2.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.0
60
url pkg:composer/laminas/laminas-diactoros@2.0.1p1
purl pkg:composer/laminas/laminas-diactoros@2.0.1p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.1p1
61
url pkg:composer/laminas/laminas-diactoros@2.0.1p2
purl pkg:composer/laminas/laminas-diactoros@2.0.1p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.1p2
62
url pkg:composer/laminas/laminas-diactoros@2.0.1
purl pkg:composer/laminas/laminas-diactoros@2.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.1
63
url pkg:composer/laminas/laminas-diactoros@2.0.2p1
purl pkg:composer/laminas/laminas-diactoros@2.0.2p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.2p1
64
url pkg:composer/laminas/laminas-diactoros@2.0.2p2
purl pkg:composer/laminas/laminas-diactoros@2.0.2p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.2p2
65
url pkg:composer/laminas/laminas-diactoros@2.0.2
purl pkg:composer/laminas/laminas-diactoros@2.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.2
66
url pkg:composer/laminas/laminas-diactoros@2.0.3p1
purl pkg:composer/laminas/laminas-diactoros@2.0.3p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.3p1
67
url pkg:composer/laminas/laminas-diactoros@2.0.3p2
purl pkg:composer/laminas/laminas-diactoros@2.0.3p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.3p2
68
url pkg:composer/laminas/laminas-diactoros@2.0.3
purl pkg:composer/laminas/laminas-diactoros@2.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.3
69
url pkg:composer/laminas/laminas-diactoros@2.1.0p1
purl pkg:composer/laminas/laminas-diactoros@2.1.0p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.0p1
70
url pkg:composer/laminas/laminas-diactoros@2.1.0p2
purl pkg:composer/laminas/laminas-diactoros@2.1.0p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.0p2
71
url pkg:composer/laminas/laminas-diactoros@2.1.0
purl pkg:composer/laminas/laminas-diactoros@2.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.0
72
url pkg:composer/laminas/laminas-diactoros@2.1.1p1
purl pkg:composer/laminas/laminas-diactoros@2.1.1p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.1p1
73
url pkg:composer/laminas/laminas-diactoros@2.1.1p2
purl pkg:composer/laminas/laminas-diactoros@2.1.1p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.1p2
74
url pkg:composer/laminas/laminas-diactoros@2.1.1
purl pkg:composer/laminas/laminas-diactoros@2.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.1
75
url pkg:composer/laminas/laminas-diactoros@2.1.2p1
purl pkg:composer/laminas/laminas-diactoros@2.1.2p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.2p1
76
url pkg:composer/laminas/laminas-diactoros@2.1.2p2
purl pkg:composer/laminas/laminas-diactoros@2.1.2p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.2p2
77
url pkg:composer/laminas/laminas-diactoros@2.1.2
purl pkg:composer/laminas/laminas-diactoros@2.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.2
78
url pkg:composer/laminas/laminas-diactoros@2.1.3p1
purl pkg:composer/laminas/laminas-diactoros@2.1.3p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.3p1
79
url pkg:composer/laminas/laminas-diactoros@2.1.3p2
purl pkg:composer/laminas/laminas-diactoros@2.1.3p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.3p2
80
url pkg:composer/laminas/laminas-diactoros@2.1.3
purl pkg:composer/laminas/laminas-diactoros@2.1.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.3
81
url pkg:composer/laminas/laminas-diactoros@2.1.4p1
purl pkg:composer/laminas/laminas-diactoros@2.1.4p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.4p1
82
url pkg:composer/laminas/laminas-diactoros@2.1.4p2
purl pkg:composer/laminas/laminas-diactoros@2.1.4p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.4p2
83
url pkg:composer/laminas/laminas-diactoros@2.1.4
purl pkg:composer/laminas/laminas-diactoros@2.1.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.4
84
url pkg:composer/laminas/laminas-diactoros@2.1.5p1
purl pkg:composer/laminas/laminas-diactoros@2.1.5p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.5p1
85
url pkg:composer/laminas/laminas-diactoros@2.1.5p2
purl pkg:composer/laminas/laminas-diactoros@2.1.5p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.5p2
86
url pkg:composer/laminas/laminas-diactoros@2.1.5
purl pkg:composer/laminas/laminas-diactoros@2.1.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.5
87
url pkg:composer/laminas/laminas-diactoros@2.2.0p1
purl pkg:composer/laminas/laminas-diactoros@2.2.0p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.2.0p1
88
url pkg:composer/laminas/laminas-diactoros@2.2.0p2
purl pkg:composer/laminas/laminas-diactoros@2.2.0p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.2.0p2
89
url pkg:composer/laminas/laminas-diactoros@2.2.0
purl pkg:composer/laminas/laminas-diactoros@2.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.2.0
90
url pkg:composer/laminas/laminas-diactoros@2.2.1p1
purl pkg:composer/laminas/laminas-diactoros@2.2.1p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.2.1p1
91
url pkg:composer/laminas/laminas-diactoros@2.2.1p2
purl pkg:composer/laminas/laminas-diactoros@2.2.1p2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.2.1p2
92
url pkg:composer/laminas/laminas-diactoros@2.2.1
purl pkg:composer/laminas/laminas-diactoros@2.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.2.1
93
url pkg:composer/laminas/laminas-diactoros@2.2.2
purl pkg:composer/laminas/laminas-diactoros@2.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.2.2
94
url pkg:composer/laminas/laminas-diactoros@2.2.3
purl pkg:composer/laminas/laminas-diactoros@2.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.2.3
95
url pkg:composer/laminas/laminas-diactoros@2.3.0
purl pkg:composer/laminas/laminas-diactoros@2.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.3.0
96
url pkg:composer/laminas/laminas-diactoros@2.3.1
purl pkg:composer/laminas/laminas-diactoros@2.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.3.1
97
url pkg:composer/laminas/laminas-diactoros@2.3.2
purl pkg:composer/laminas/laminas-diactoros@2.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.3.2
98
url pkg:composer/laminas/laminas-diactoros@2.4.0
purl pkg:composer/laminas/laminas-diactoros@2.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.4.0
99
url pkg:composer/laminas/laminas-diactoros@2.4.1
purl pkg:composer/laminas/laminas-diactoros@2.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.4.1
100
url pkg:composer/laminas/laminas-diactoros@2.5.0
purl pkg:composer/laminas/laminas-diactoros@2.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.5.0
101
url pkg:composer/laminas/laminas-diactoros@2.5.1
purl pkg:composer/laminas/laminas-diactoros@2.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.5.1
102
url pkg:composer/laminas/laminas-diactoros@2.6.0
purl pkg:composer/laminas/laminas-diactoros@2.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.6.0
103
url pkg:composer/laminas/laminas-diactoros@2.7.0
purl pkg:composer/laminas/laminas-diactoros@2.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.7.0
104
url pkg:composer/laminas/laminas-diactoros@2.8.0
purl pkg:composer/laminas/laminas-diactoros@2.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.8.0
105
url pkg:composer/laminas/laminas-diactoros@2.9.0
purl pkg:composer/laminas/laminas-diactoros@2.9.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.9.0
106
url pkg:composer/laminas/laminas-diactoros@2.9.1
purl pkg:composer/laminas/laminas-diactoros@2.9.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.9.1
107
url pkg:composer/laminas/laminas-diactoros@2.9.2
purl pkg:composer/laminas/laminas-diactoros@2.9.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.9.2
108
url pkg:composer/laminas/laminas-diactoros@2.10.0
purl pkg:composer/laminas/laminas-diactoros@2.10.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.10.0
109
url pkg:composer/laminas/laminas-diactoros@2.11.0
purl pkg:composer/laminas/laminas-diactoros@2.11.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fr6v-6ctc-13aj
1
vulnerability VCID-jc36-p4jx-t3e1
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.11.0
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31109
reference_id
reference_type
scores
0
value 0.00383
scoring_system epss
scoring_elements 0.5999
published_at 2026-06-06T12:55:00Z
1
value 0.00383
scoring_system epss
scoring_elements 0.59987
published_at 2026-06-05T12:55:00Z
2
value 0.00383
scoring_system epss
scoring_elements 0.5994
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31109
1
reference_url https://github.com/advisories/GHSA-8274-h5jp-97vr
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-8274-h5jp-97vr
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/laminas/laminas-diactoros/CVE-2022-31109.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/laminas/laminas-diactoros/CVE-2022-31109.yaml
3
reference_url https://github.com/laminas/laminas-diactoros
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/laminas/laminas-diactoros
4
reference_url https://github.com/laminas/laminas-diactoros/commit/25b11d422c2e5dad868f68619888763b30f91e2d
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:53:07Z/
url https://github.com/laminas/laminas-diactoros/commit/25b11d422c2e5dad868f68619888763b30f91e2d
5
reference_url https://github.com/laminas/laminas-diactoros/releases/tag/2.11.1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/laminas/laminas-diactoros/releases/tag/2.11.1
6
reference_url https://github.com/laminas/laminas-diactoros/security/advisories/GHSA-8274-h5jp-97vr
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:53:07Z/
url https://github.com/laminas/laminas-diactoros/security/advisories/GHSA-8274-h5jp-97vr
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-31109
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-31109
8
reference_url https://portswigger.net/web-security/host-header
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:53:07Z/
url https://portswigger.net/web-security/host-header
Weaknesses
0
cwe_id 79
name Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
1
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
3
cwe_id 444
name Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
description The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.
Exploits
Severity_range_score4.0 - 7.2
Exploitability0.5
Weighted_severity6.5
Risk_score3.2
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-fr6v-6ctc-13aj