{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/17289?format=json","vulnerability_id":"VCID-4tr3-8z2d-5fh6","summary":"Interpretation Conflict\nguzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a newline (\\n) into both the header names and values. While the specification states that \\r\\n\\r\\n is used to terminate the header list, many servers in the wild will also accept \\n\\n. This is a follow-up to CVE-2022-24775 where the fix was incomplete. The issue has been patched in versions 1.9.1 and 2.4.5. There are no known workarounds for this vulnerability. Users are advised to upgrade.","aliases":[{"alias":"CVE-2023-29197"},{"alias":"GHSA-wxmh-65f7-jcvw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57143?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.9.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.9.1"},{"url":"http://public2.vulnerablecode.io/api/packages/57144?format=json","purl":"pkg:composer/guzzlehttp/psr7@2.4.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.4.5"},{"url":"http://public2.vulnerablecode.io/api/packages/934902?format=json","purl":"pkg:deb/debian/php-guzzlehttp-psr7@1.7.0-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@1.7.0-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1053216?format=json","purl":"pkg:deb/debian/php-guzzlehttp-psr7@1.7.0-1%2Bdeb11u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@1.7.0-1%252Bdeb11u2"},{"url":"http://public2.vulnerablecode.io/api/packages/934900?format=json","purl":"pkg:deb/debian/php-guzzlehttp-psr7@2.4.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@2.4.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934905?format=json","purl":"pkg:deb/debian/php-guzzlehttp-psr7@2.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@2.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934904?format=json","purl":"pkg:deb/debian/php-guzzlehttp-psr7@2.9.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@2.9.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935018?format=json","purl":"pkg:deb/debian/php-nyholm-psr7@1.3.2-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-nyholm-psr7@1.3.2-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935017?format=json","purl":"pkg:deb/debian/php-nyholm-psr7@1.5.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-nyholm-psr7@1.5.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/935019?format=json","purl":"pkg:deb/debian/php-nyholm-psr7@1.8.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-nyholm-psr7@1.8.2-2%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/291042?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/291043?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/291044?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/291045?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/291046?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/291047?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/291048?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/291049?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/291050?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/291051?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/291052?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.4.2"},{"url":"http://public2.vulnerablecode.io/api/packages/291053?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/291054?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/291055?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/291056?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/291057?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/291058?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/291059?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/291060?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/291061?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.8.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.8.2"},{"url":"http://public2.vulnerablecode.io/api/packages/291062?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.8.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.8.3"},{"url":"http://public2.vulnerablecode.io/api/packages/48184?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.8.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.8.4"},{"url":"http://public2.vulnerablecode.io/api/packages/367944?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.8.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.8.5"},{"url":"http://public2.vulnerablecode.io/api/packages/367945?format=json","purl":"pkg:composer/guzzlehttp/psr7@1.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@1.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/48181?format=json","purl":"pkg:composer/guzzlehttp/psr7@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/291063?format=json","purl":"pkg:composer/guzzlehttp/psr7@2.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/48186?format=json","purl":"pkg:composer/guzzlehttp/psr7@2.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/367946?format=json","purl":"pkg:composer/guzzlehttp/psr7@2.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/367947?format=json","purl":"pkg:composer/guzzlehttp/psr7@2.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/367948?format=json","purl":"pkg:composer/guzzlehttp/psr7@2.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/367949?format=json","purl":"pkg:composer/guzzlehttp/psr7@2.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/367950?format=json","purl":"pkg:composer/guzzlehttp/psr7@2.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/367951?format=json","purl":"pkg:composer/guzzlehttp/psr7@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/367952?format=json","purl":"pkg:composer/guzzlehttp/psr7@2.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/367953?format=json","purl":"pkg:composer/guzzlehttp/psr7@2.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.4.2"},{"url":"http://public2.vulnerablecode.io/api/packages/367954?format=json","purl":"pkg:composer/guzzlehttp/psr7@2.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.4.3"},{"url":"http://public2.vulnerablecode.io/api/packages/367955?format=json","purl":"pkg:composer/guzzlehttp/psr7@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/guzzlehttp/psr7@2.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/1053215?format=json","purl":"pkg:deb/debian/php-guzzlehttp-psr7@1.4.2-0.1%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tr3-8z2d-5fh6"},{"vulnerability":"VCID-wbuz-qcp3-43aq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-guzzlehttp-psr7@1.4.2-0.1%252Bdeb10u1"}],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29197","reference_id":"","reference_type":"","scores":[{"value":"0.02291","scoring_system":"epss","scoring_elements":"0.84675","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02291","scoring_system":"epss","scoring_elements":"0.84711","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02291","scoring_system":"epss","scoring_elements":"0.84718","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02291","scoring_system":"epss","scoring_elements":"0.84722","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02291","scoring_system":"epss","scoring_elements":"0.84704","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02291","scoring_system":"epss","scoring_elements":"0.84653","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02291","scoring_system":"epss","scoring_elements":"0.84673","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02291","scoring_system":"epss","scoring_elements":"0.84697","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29197"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-24775","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-24775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29197"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/psr7/CVE-2023-29197.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/psr7/CVE-2023-29197.yaml"},{"reference_url":"https://github.com/guzzle/psr7","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/guzzle/psr7"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00028.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJANWDXJZE5BGLN4MQ4FEHV5LJ6CMKQF","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJANWDXJZE5BGLN4MQ4FEHV5LJ6CMKQF"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJANWDXJZE5BGLN4MQ4FEHV5LJ6CMKQF/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJANWDXJZE5BGLN4MQ4FEHV5LJ6CMKQF/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O35UN4IK6VS2LXSRWUDFWY7NI73RKY2U","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O35UN4IK6VS2LXSRWUDFWY7NI73RKY2U"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O35UN4IK6VS2LXSRWUDFWY7NI73RKY2U/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O35UN4IK6VS2LXSRWUDFWY7NI73RKY2U/"},{"reference_url":"https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034581","reference_id":"1034581","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034581"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034597","reference_id":"1034597","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034597"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-29197","reference_id":"CVE-2023-29197","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-29197"},{"reference_url":"https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96","reference_id":"GHSA-q7rv-6hp3-vh96","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96"},{"reference_url":"https://github.com/advisories/GHSA-wxmh-65f7-jcvw","reference_id":"GHSA-wxmh-65f7-jcvw","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wxmh-65f7-jcvw"},{"reference_url":"https://github.com/guzzle/psr7/security/advisories/GHSA-wxmh-65f7-jcvw","reference_id":"GHSA-wxmh-65f7-jcvw","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/guzzle/psr7/security/advisories/GHSA-wxmh-65f7-jcvw"},{"reference_url":"https://usn.ubuntu.com/6670-1/","reference_id":"USN-6670-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6670-1/"},{"reference_url":"https://usn.ubuntu.com/6671-1/","reference_id":"USN-6671-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6671-1/"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":436,"name":"Interpretation Conflict","description":"Product A handles inputs or steps differently than Product B, which causes A to perform incorrect actions based on its perception of B's state."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."}],"exploits":[],"severity_range_score":"4.0 - 6.9","exploitability":"0.5","weighted_severity":"6.2","risk_score":3.1,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4tr3-8z2d-5fh6"}