Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/110487?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/110487?format=api", "vulnerability_id": "VCID-fr6v-6ctc-13aj", "summary": "Diactoros before 2.11.1 vulnerable to HTTP Host Header Attack\n### Impact\n\nApplications that use Diactoros, and are either not behind a proxy, or can be accessed via untrusted proxies, can potentially have the host, protocol, and/or port of a `Laminas\\Diactoros\\Uri` instance associated with the incoming server request modified to reflect values from `X-Forwarded-*` headers. Such changes can potentially lead to XSS attacks (if a fully-qualified URL is used in links) and/or URL poisoning.\n\n### Patches\n\nAny version after 2.11.0.\n\nStarting in laminas/laminas-diactoros 2.11.1, we have added `Laminas\\Diactoros\\ServerRequestFilter\\FilterServerRequestInterface`, which defines the single method `__invoke(Psr\\Http\\Message\\ServerRequestInterface $request): Psr\\Http\\Message\\ServerRequestInterface`. Filters implementing this interface allow modifying and returning a generated `ServerRequest`.\n\nThe primary use case of the interface is to allow modifying the generated URI based on the presence of headers such as `X-Forwarded-Host`. When operating behind a reverse proxy, the `Host` header is often rewritten to the name of the node to which the request is being forwarded, and an `X-Forwarded-Host` header is generated with the original `Host` value to allow the server to determine the original host the request was intended for. (We have always examined the `X-Forwarded-Proto` header; as of Diactoros 2.11.1, we also examine the `X-Forwarded-Port` header.) To accommodate this use case, we created Laminas\\Diactoros\\ServerRequestFilter\\FilterUsingXForwardedHeaders.\n\nDue to potential security issues, it is generally best to only accept these headers if you trust the reverse proxy that has initiated the request.\n(This value is found in `$_SERVER['REMOTE_ADDR']`, which is present as `$request->getServerParams()['REMOTE_ADDR']` within PSR-7 implementations.) `FilterUsingXForwardedHeaders` provides named constructors to allow you to trust these headers from any source (which has been the default behavior of Diactoros since the beginning), or to specify specific IP addresses or CIDR subnets to trust, along with which headers are trusted.\n\n`Laminas\\Diactoros\\ServerRequestFactory::fromGlobals()` was updated to accept a `FilterServerRequestInterface` as an additional, optional argument. Since the `X-Forwarded-*` headers do have valid use cases, particularly in clustered environments using a load balancer, to prevent backwards compatibility breaks, if no filter is provided, we generate an instance via `FilterUsingXForwardedHeaders::trustReservedSubnets()`, which generates an instance marked to trust only proxies on private subnets.\n\n### Workarounds\n\nInfrastructure or DevOps can configure web servers to reject `X-Forwarded-*` headers at the web server level.\n\nUsers of laminas/laminas-diactoros can make use of the `Laminas\\Diactoros\\RequestFilter\\RequestFilterInterface` functionality in order to either (a) disable usage of the `X-Forwarded-*` headers entirely, (b) opt-in to it, or (c) opt-in to the usage for configured proxy servers.\n\n### References\n\n- [HTTP Host Header Attacks](https://portswigger.net/web-security/host-header)\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n- Open an issue in [laminas/laminas-diactoros](https://github.com/laminas/laminas-diactoros/)\n- [Email us](mailto:security@getlaminas.org)", "aliases": [ { "alias": "CVE-2022-31109" }, { "alias": "GHSA-8274-h5jp-97vr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/149170?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.11.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.11.1" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/187916?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/187917?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187918?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187919?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/187920?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/187921?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/187922?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/187923?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187924?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187925?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/187926?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/187927?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/187928?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187929?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/187930?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187931?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187932?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/187933?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/187934?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.3.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/187935?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/187936?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/187937?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.3.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/187938?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.3.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/187939?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.3.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/187940?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.3.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.3.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/187941?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/187942?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187943?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/187944?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/187945?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187946?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/187947?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.7.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187948?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.7.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.7.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187949?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.0p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.0p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187950?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.0p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.0p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187951?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/187952?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.1p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.1p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187953?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.1p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.1p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187954?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187955?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.2p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.2p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187956?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.2p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.2p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187957?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187958?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.3p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.3p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187959?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.3p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.3p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187960?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/187961?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.4p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.4p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187962?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.4p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.4p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187963?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/187964?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.5p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.5p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187965?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.5p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.5p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187966?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/187967?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.6p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.6p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187968?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.6p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.6p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187969?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/187970?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.7p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.7p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187971?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.7p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.7p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187972?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@1.8.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@1.8.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/187973?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.0.0p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.0p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187974?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.0.0p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.0p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187975?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/187976?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.0.1p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.1p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187977?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.0.1p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.1p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187978?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187979?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.0.2p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.2p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187980?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.0.2p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.2p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187981?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187982?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.0.3p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.3p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187983?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.0.3p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.3p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187984?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/187985?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.1.0p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.0p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187986?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.1.0p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.0p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187987?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/187988?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.1.1p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.1p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187989?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.1.1p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.1p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187990?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187991?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.1.2p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.2p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187992?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.1.2p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.2p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187993?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187994?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.1.3p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.3p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187995?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.1.3p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.3p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187996?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/187997?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.1.4p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.4p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/187998?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.1.4p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.4p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187999?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/188000?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.1.5p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.5p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/188001?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.1.5p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.5p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/188002?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/188003?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.2.0p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.2.0p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/188004?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.2.0p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.2.0p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/188005?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/188006?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.2.1p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.2.1p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/188007?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.2.1p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.2.1p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/188008?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/188009?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/188010?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/188011?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/188012?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/188013?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/188014?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/188015?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/188016?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/188017?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/188018?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/188019?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/188020?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/188021?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/188022?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/188023?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.9.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/188024?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/188025?format=api", "purl": "pkg:composer/laminas/laminas-diactoros@2.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fr6v-6ctc-13aj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/laminas/laminas-diactoros@2.11.0" } ], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31109", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.5994", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31109" }, { "reference_url": "https://github.com/advisories/GHSA-8274-h5jp-97vr", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8274-h5jp-97vr" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/laminas/laminas-diactoros/CVE-2022-31109.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/laminas/laminas-diactoros/CVE-2022-31109.yaml" }, { "reference_url": "https://github.com/laminas/laminas-diactoros", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/laminas/laminas-diactoros" }, { "reference_url": "https://github.com/laminas/laminas-diactoros/commit/25b11d422c2e5dad868f68619888763b30f91e2d", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/laminas/laminas-diactoros/commit/25b11d422c2e5dad868f68619888763b30f91e2d" }, { "reference_url": "https://github.com/laminas/laminas-diactoros/releases/tag/2.11.1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/laminas/laminas-diactoros/releases/tag/2.11.1" }, { "reference_url": "https://github.com/laminas/laminas-diactoros/security/advisories/GHSA-8274-h5jp-97vr", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/laminas/laminas-diactoros/security/advisories/GHSA-8274-h5jp-97vr" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31109", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31109" }, { "reference_url": "https://portswigger.net/web-security/host-header", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://portswigger.net/web-security/host-header" } ], "weaknesses": [ { "cwe_id": 79, "name": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "description": "The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users." } ], "exploits": [], "severity_range_score": "4.0 - 6.9", "exploitability": "0.5", "weighted_severity": "6.2", "risk_score": 3.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fr6v-6ctc-13aj" }