Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/122619?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/122619?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@1.7.0-1%2Bdeb11u2?distro=trixie", "type": "deb", "namespace": "debian", "name": "php-guzzlehttp-psr7", "version": "1.7.0-1+deb11u2", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.8.5-1", "latest_non_vulnerable_version": "2.11.0-1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97891?format=api", "vulnerability_id": "VCID-4dma-pjax-13a6", "summary": "", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-48998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-48998" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138265", "reference_id": "1138265", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138265" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/122627?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@2.10.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@2.10.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/122621?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@2.10.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@2.10.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/122622?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@2.11.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@2.11.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-48998" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4dma-pjax-13a6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97892?format=api", "vulnerability_id": "VCID-vep1-yu52-7fed", "summary": "", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-49214", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-49214" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138265", "reference_id": "1138265", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138265" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/122627?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@2.10.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@2.10.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/122621?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@2.10.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@2.10.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/122622?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@2.11.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@2.11.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-49214" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vep1-yu52-7fed" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44986?format=api", "vulnerability_id": "VCID-2ajh-kr71-dbac", "summary": "Interpretation Conflict\nguzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a newline (\\n) into both the header names and values. While the specification states that \\r\\n\\r\\n is used to terminate the header list, many servers in the wild will also accept \\n\\n. This is a follow-up to CVE-2022-24775 where the fix was incomplete. The issue has been patched in versions 1.9.1 and 2.4.5. There are no known workarounds for this vulnerability. Users are advised to upgrade.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29197", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04782", "scoring_system": "epss", "scoring_elements": "0.89668", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.04782", "scoring_system": "epss", "scoring_elements": "0.89685", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.04782", "scoring_system": "epss", "scoring_elements": "0.8967", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29197" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-24775", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-24775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29197", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29197" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/psr7/CVE-2023-29197.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/psr7/CVE-2023-29197.yaml" }, { "reference_url": "https://github.com/guzzle/psr7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/guzzle/psr7" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00028.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJANWDXJZE5BGLN4MQ4FEHV5LJ6CMKQF", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJANWDXJZE5BGLN4MQ4FEHV5LJ6CMKQF" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJANWDXJZE5BGLN4MQ4FEHV5LJ6CMKQF/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJANWDXJZE5BGLN4MQ4FEHV5LJ6CMKQF/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O35UN4IK6VS2LXSRWUDFWY7NI73RKY2U", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O35UN4IK6VS2LXSRWUDFWY7NI73RKY2U" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O35UN4IK6VS2LXSRWUDFWY7NI73RKY2U/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O35UN4IK6VS2LXSRWUDFWY7NI73RKY2U/" }, { "reference_url": "https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034581", "reference_id": "1034581", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034581" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034597", "reference_id": "1034597", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034597" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29197", "reference_id": "CVE-2023-29197", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29197" }, { "reference_url": "https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96", "reference_id": "GHSA-q7rv-6hp3-vh96", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96" }, { "reference_url": "https://github.com/advisories/GHSA-wxmh-65f7-jcvw", "reference_id": "GHSA-wxmh-65f7-jcvw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wxmh-65f7-jcvw" }, { "reference_url": "https://github.com/guzzle/psr7/security/advisories/GHSA-wxmh-65f7-jcvw", "reference_id": "GHSA-wxmh-65f7-jcvw", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/guzzle/psr7/security/advisories/GHSA-wxmh-65f7-jcvw" }, { "reference_url": "https://usn.ubuntu.com/6670-1/", "reference_id": "USN-6670-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6670-1/" }, { "reference_url": "https://usn.ubuntu.com/6671-1/", "reference_id": "USN-6671-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6671-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/122619?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@1.7.0-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4dma-pjax-13a6" }, { "vulnerability": "VCID-vep1-yu52-7fed" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@1.7.0-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/122616?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@2.4.5-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4dma-pjax-13a6" }, { "vulnerability": "VCID-vep1-yu52-7fed" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@2.4.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/122623?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@2.7.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4dma-pjax-13a6" }, { "vulnerability": "VCID-vep1-yu52-7fed" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@2.7.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/122621?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@2.10.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@2.10.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/122622?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@2.11.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@2.11.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-29197", "GHSA-wxmh-65f7-jcvw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2ajh-kr71-dbac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42761?format=api", "vulnerability_id": "VCID-ard5-3cjv-1beu", "summary": "Improper Input Validation\nguzzlehttp/psr7 is a PSR-7 HTTP message library used in drupal. Versions prior to 1.8.4 and 2.1.1 is vulnerable to improper header parsing. An attacker could sneak in a new line character and pass untrusted values.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24775", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00931", "scoring_system": "epss", "scoring_elements": "0.76525", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00931", "scoring_system": "epss", "scoring_elements": "0.76489", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00931", "scoring_system": "epss", "scoring_elements": "0.76518", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00931", "scoring_system": "epss", "scoring_elements": "0.76524", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00931", "scoring_system": "epss", "scoring_elements": "0.76514", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00931", "scoring_system": "epss", "scoring_elements": "0.76504", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24775" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/psr7/CVE-2022-24775.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/psr7/CVE-2022-24775.yaml" }, { "reference_url": "https://github.com/guzzle/psr7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/guzzle/psr7" }, { "reference_url": "https://github.com/guzzle/psr7/pull/485/commits/e55afaa3fc138c89adf3b55a8ba20dc60d17f1f1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:31Z/" } ], "url": "https://github.com/guzzle/psr7/pull/485/commits/e55afaa3fc138c89adf3b55a8ba20dc60d17f1f1" }, { "reference_url": "https://github.com/guzzle/psr7/pull/486/commits/9a96d9db668b485361ed9de7b5bf1e54895df1dc", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:31Z/" } ], "url": "https://github.com/guzzle/psr7/pull/486/commits/9a96d9db668b485361ed9de7b5bf1e54895df1dc" }, { "reference_url": "https://www.drupal.org/sa-core-2022-006", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:31Z/" } ], "url": "https://www.drupal.org/sa-core-2022-006" }, { "reference_url": "https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008236", "reference_id": "1008236", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008236" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24775", "reference_id": "CVE-2022-24775", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24775" }, { "reference_url": "https://github.com/advisories/GHSA-q7rv-6hp3-vh96", "reference_id": "GHSA-q7rv-6hp3-vh96", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q7rv-6hp3-vh96" }, { "reference_url": "https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96", "reference_id": "GHSA-q7rv-6hp3-vh96", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:31Z/" } ], "url": "https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96" }, { "reference_url": "https://usn.ubuntu.com/6670-1/", "reference_id": "USN-6670-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6670-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/122620?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@1.7.0-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@1.7.0-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/122619?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@1.7.0-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4dma-pjax-13a6" }, { "vulnerability": "VCID-vep1-yu52-7fed" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@1.7.0-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/122618?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@1.8.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@1.8.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/122616?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@2.4.5-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4dma-pjax-13a6" }, { "vulnerability": "VCID-vep1-yu52-7fed" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@2.4.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/122623?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@2.7.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4dma-pjax-13a6" }, { "vulnerability": "VCID-vep1-yu52-7fed" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@2.7.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/122621?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@2.10.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@2.10.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/122622?format=api", "purl": "pkg:deb/debian/php-guzzlehttp-psr7@2.11.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@2.11.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-24775", "GHSA-q7rv-6hp3-vh96" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ard5-3cjv-1beu" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@1.7.0-1%252Bdeb11u2%3Fdistro=trixie" }