Lucene search
+L

26 matches found

Tenable Nessus
Tenable Nessus
added 2025/01/22 12:0 a.m.23 views

Debian dla-3705 : php-guzzlehttp-psr7 - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3705 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3705-1 [email protected]...

7.5CVSS7.3AI score0.02384EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.40 views

Ubuntu 20.04 LTS / 22.04 LTS : php-guzzlehttp-psr7 vulnerabilities (USN-6670-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6670-1 advisory. It was discovered that php-guzzlehttp-psr7 incorrectly parsed HTTP headers. A remote attacker could possibly use these issues to perform an...

7.5CVSS7.5AI score0.02384EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.46 views

Ubuntu 22.04 LTS : php-nyholm-psr7 vulnerability (USN-6671-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6671-1 advisory. It was discovered that php-nyholm-psr7 incorrectly parsed HTTP headers. A remote attacker could possibly use this issue to perform an HTTP header injection attack...

7.5CVSS7.3AI score0.01216EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/10 12:0 a.m.41 views

FreeBSD : mantis -- multiple vulnerabilities (1f0d0024-ac9c-11ee-8e91-1c697a013f4b)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 1f0d0024-ac9c-11ee-8e91-1c697a013f4b advisory. - guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are...

7.5CVSS6.2AI score0.01216EPSS
Exploits0References5
Debian
Debian
added 2023/12/31 10:52 p.m.28 views

[SECURITY] [DLA 3705-1] php-guzzlehttp-psr7 security update

Debian LTS Advisory DLA-3705-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin December 31, 2023 https://wiki.debian.org/LTS Package : php-guzzlehttp-psr7 Version : 1.4.2-0.1+deb10u2 CVE ID : CVE-2023-29197 Debian Bug : 1034581 It was discovered that...

7.5CVSS7.1AI score0.02384EPSS
Exploits0
FreeBSD
FreeBSD
added 2023/10/14 12:0 a.m.58 views

mantis -- multiple vulnerabilities

Mantis 2.25.8 release reports: Security and maintenance release 0032432: Update guzzlehttp/psr7 to 1.9.1 CVE-2023-29197 0032981: Information Leakage on DokuWiki Integration CVE-2023-44394...

7.5CVSS7.3AI score0.01216EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/07/27 12:0 a.m.44 views

Mageia: Security Advisory (MGASA-2023-0241)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.01216EPSS
Exploits1References4
OSV
OSV
added 2023/07/26 10:7 p.m.15 views

MGASA-2023-0241 Updated mediawiki packages fix security vulnerability

guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many...

7.5CVSS6AI score0.01216EPSS
Exploits1References3
Mageia
Mageia
added 2023/07/26 10:7 p.m.51 views

Updated mediawiki packages fix security vulnerability

guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many...

7.5CVSS6.3AI score0.01216EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2023/07/06 12:0 a.m.33 views

MediaWiki < 1.35.11, 1.36.x < 1.38.7, 1.39.x < 1.39.4 Multiple Vulnerabilities - Linux

MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; ifdescripti...

7.5CVSS6.7AI score0.01216EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2023/07/06 12:0 a.m.26 views

MediaWiki < 1.35.11, 1.36.x < 1.38.7, 1.39.x < 1.39.4 Multiple Vulnerabilities - Windows

MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; ifdescripti...

7.5CVSS6.7AI score0.01216EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/07/01 12:0 a.m.44 views

FreeBSD : mediawiki -- multiple vulnerabilities (95dad123-180e-11ee-86ba-080027eda32c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 95dad123-180e-11ee-86ba-080027eda32c advisory. - guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are...

7.5CVSS6AI score0.01216EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2023/04/29 12:0 a.m.40 views

Fedora 38 : php-nyholm-psr7 (2023-b0811dc6e4)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-b0811dc6e4 advisory. Version 1.7.0 - Bump to PHP 7.2 minimum - Allow psr/http-message v2 - Use copy-on-write for streams created from strings ---- Version 1.6.1 - Security fix:...

7.5CVSS7.3AI score0.01216EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/04/29 12:0 a.m.25 views

Fedora: Security Advisory for php-nyholm-psr7 (FEDORA-2023-c29ae4c76f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.01216EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/04/28 12:0 a.m.38 views

Fedora 37 : php-nyholm-psr7 (2023-c29ae4c76f)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-c29ae4c76f advisory. Version 1.6.1 - Security fix: CVE-2023-29197 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Ness...

7.5CVSS7.3AI score0.01216EPSS
Exploits0References2
OSV
OSV
added 2023/04/24 10:42 p.m.49 views

GHSA-XV3H-4844-9H36 HTTP Multiline Header Termination

Impact Affected versions of Laminas Diactoros accepted a single line feed LF / \n character at the end of a header name. When serializing such a header name containing a line-feed into the on-the-wire representation of a HTTP/1.x message, the resulting message would be syntactically invalid, due ...

7.5CVSS6.2AI score0.00965EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2023/04/24 10:42 p.m.49 views

HTTP Multiline Header Termination

Impact Affected versions of Laminas Diactoros accepted a single line feed LF / \n character at the end of a header name. When serializing such a header name containing a line-feed into the on-the-wire representation of a HTTP/1.x message, the resulting message would be syntactically invalid, due ...

7.5CVSS6AI score0.00965EPSS
Exploits0References6Affected Software1
FreeBSD
FreeBSD
added 2023/04/21 12:0 a.m.57 views

mediawiki -- multiple vulnerabilities

Mediawiki reports: T335203, CVE-2023-29197 Upgrade guzzlehttp/psr7 to = 1.9.1/2.4.5. T335612, CVE-2023-36674 Manualthumb bypasses badFile lookup. T332889, CVE-2023-36675 XSS in BlockLogFormatter due to unsafe message use...

7.5CVSS6.4AI score0.01216EPSS
Exploits1References1
OSV
OSV
added 2023/04/18 10:20 p.m.55 views

GHSA-Q2QJ-628G-VHFW Insecure header validation in slim/psr7

Impact An attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will also accept \n\n. An attacker that is able to control the header names that are passed to Slilm-Ps...

6.5CVSS6.1AI score0.00743EPSS
Exploits0References9
OSV
OSV
added 2023/04/17 10:15 p.m.3 views

DEBIAN-CVE-2023-29197

guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many...

7.5CVSS7.2AI score0.01216EPSS
Exploits0References1
Rows per page
Query Builder