Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/17289?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17289?format=api", "vulnerability_id": "VCID-4tr3-8z2d-5fh6", "summary": "Interpretation Conflict\nguzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a newline (\\n) into both the header names and values. While the specification states that \\r\\n\\r\\n is used to terminate the header list, many servers in the wild will also accept \\n\\n. This is a follow-up to CVE-2022-24775 where the fix was incomplete. The issue has been patched in versions 1.9.1 and 2.4.5. There are no known workarounds for this vulnerability. Users are advised to upgrade.", "aliases": [ { "alias": "CVE-2023-29197" }, { "alias": "GHSA-wxmh-65f7-jcvw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57143?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.9.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/57144?format=api", "purl": "pkg:composer/guzzlehttp/psr7@2.4.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.4.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/934902?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@1.7.0-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@1.7.0-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1053216?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@1.7.0-1%2Bdeb11u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@1.7.0-1%252Bdeb11u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/934900?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@2.4.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@2.4.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934905?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@2.7.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@2.7.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934904?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@2.9.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@2.9.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935018?format=api", "purl": "pkg:deb/debian/php-nyholm-psr7@1.3.2-2%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-nyholm-psr7@1.3.2-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935017?format=api", "purl": "pkg:deb/debian/php-nyholm-psr7@1.5.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-nyholm-psr7@1.5.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935019?format=api", "purl": "pkg:deb/debian/php-nyholm-psr7@1.8.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-nyholm-psr7@1.8.2-2%3Fdistro=trixie" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/291042?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/291043?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/291044?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/291045?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/291046?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/291047?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/291048?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/291049?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/291050?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/291051?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/291052?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.4.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/291053?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/291054?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/291055?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/291056?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/291057?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/291058?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/291059?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/291060?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/291061?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.8.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/291062?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/48184?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/367944?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.8.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.8.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/367945?format=api", "purl": "pkg:composer/guzzlehttp/psr7@1.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/48181?format=api", "purl": "pkg:composer/guzzlehttp/psr7@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/291063?format=api", "purl": "pkg:composer/guzzlehttp/psr7@2.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/48186?format=api", "purl": "pkg:composer/guzzlehttp/psr7@2.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/367946?format=api", "purl": "pkg:composer/guzzlehttp/psr7@2.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/367947?format=api", "purl": "pkg:composer/guzzlehttp/psr7@2.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/367948?format=api", "purl": "pkg:composer/guzzlehttp/psr7@2.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/367949?format=api", "purl": "pkg:composer/guzzlehttp/psr7@2.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/367950?format=api", "purl": "pkg:composer/guzzlehttp/psr7@2.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/367951?format=api", "purl": "pkg:composer/guzzlehttp/psr7@2.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/367952?format=api", "purl": "pkg:composer/guzzlehttp/psr7@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/367953?format=api", "purl": "pkg:composer/guzzlehttp/psr7@2.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.4.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/367954?format=api", "purl": "pkg:composer/guzzlehttp/psr7@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/367955?format=api", "purl": "pkg:composer/guzzlehttp/psr7@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1053215?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@1.4.2-0.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tr3-8z2d-5fh6" }, { "vulnerability": "VCID-wbuz-qcp3-43aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@1.4.2-0.1%252Bdeb10u1" } ], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29197", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02291", "scoring_system": "epss", "scoring_elements": "0.84675", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02291", "scoring_system": "epss", "scoring_elements": "0.84711", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02291", "scoring_system": "epss", "scoring_elements": "0.84718", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02291", "scoring_system": "epss", "scoring_elements": "0.84722", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02291", "scoring_system": "epss", "scoring_elements": "0.84704", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02291", "scoring_system": "epss", "scoring_elements": "0.84653", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02291", "scoring_system": "epss", "scoring_elements": "0.84673", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02291", "scoring_system": "epss", "scoring_elements": "0.84697", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29197" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-24775", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-24775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29197", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29197" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/psr7/CVE-2023-29197.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/psr7/CVE-2023-29197.yaml" }, { "reference_url": "https://github.com/guzzle/psr7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/guzzle/psr7" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00028.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJANWDXJZE5BGLN4MQ4FEHV5LJ6CMKQF", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJANWDXJZE5BGLN4MQ4FEHV5LJ6CMKQF" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJANWDXJZE5BGLN4MQ4FEHV5LJ6CMKQF/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJANWDXJZE5BGLN4MQ4FEHV5LJ6CMKQF/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O35UN4IK6VS2LXSRWUDFWY7NI73RKY2U", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O35UN4IK6VS2LXSRWUDFWY7NI73RKY2U" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O35UN4IK6VS2LXSRWUDFWY7NI73RKY2U/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O35UN4IK6VS2LXSRWUDFWY7NI73RKY2U/" }, { "reference_url": "https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034581", "reference_id": "1034581", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034581" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034597", "reference_id": "1034597", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034597" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29197", "reference_id": "CVE-2023-29197", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29197" }, { "reference_url": "https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96", "reference_id": "GHSA-q7rv-6hp3-vh96", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96" }, { "reference_url": "https://github.com/advisories/GHSA-wxmh-65f7-jcvw", "reference_id": "GHSA-wxmh-65f7-jcvw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wxmh-65f7-jcvw" }, { "reference_url": "https://github.com/guzzle/psr7/security/advisories/GHSA-wxmh-65f7-jcvw", "reference_id": "GHSA-wxmh-65f7-jcvw", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/guzzle/psr7/security/advisories/GHSA-wxmh-65f7-jcvw" }, { "reference_url": "https://usn.ubuntu.com/6670-1/", "reference_id": "USN-6670-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6670-1/" }, { "reference_url": "https://usn.ubuntu.com/6671-1/", "reference_id": "USN-6671-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6671-1/" } ], "weaknesses": [ { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 436, "name": "Interpretation Conflict", "description": "Product A handles inputs or steps differently than Product B, which causes A to perform incorrect actions based on its perception of B's state." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." } ], "exploits": [], "severity_range_score": "4.0 - 6.9", "exploitability": "0.5", "weighted_severity": "6.2", "risk_score": 3.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4tr3-8z2d-5fh6" }