33 matches found
EUVD-2023-1372
Malicious code in bioql PyPI...
EUVD-2022-6288
Malicious code in bioql PyPI...
K000149883: PSR-7 header validation vulnerability CVE-2023-30536
Security Advisory Description slim/psr7 is a PSR-7 implementation for use with Slim 4. In versions prior to 1.6.1 an attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the...
BIT-DRUPAL-2022-24775 Improper Input Validation in guzzlehttp/psr7
guzzlehttp/psr7 is a PSR-7 HTTP message library. Versions prior to 1.8.4 and 2.1.1 are vulnerable to improper header parsing. An attacker could sneak in a new line character and pass untrusted values. The issue is patched in 1.8.4 and 2.1.1. There are currently no known workarounds...
FreeBSD : mantis -- multiple vulnerabilities (1f0d0024-ac9c-11ee-8e91-1c697a013f4b)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 1f0d0024-ac9c-11ee-8e91-1c697a013f4b advisory. - guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are...
[SECURITY] [DLA 3705-1] php-guzzlehttp-psr7 security update
Debian LTS Advisory DLA-3705-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin December 31, 2023 https://wiki.debian.org/LTS Package : php-guzzlehttp-psr7 Version : 1.4.2-0.1+deb10u2 CVE ID : CVE-2023-29197 Debian Bug : 1034581 It was discovered that...
Updated mediawiki packages fix security vulnerability
guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many...
[SECURITY] Fedora 38 Update: php-nyholm-psr7-1.7.0-1.fc38
A super lightweight PSR-7 implementation. Very strict and very fast. Autoloader: /usr/share/php/Nyholm/Psr7/autoload.php...
Fedora: Security Advisory for php-laminas-diactoros2 (FEDORA-2023-8cf8786a16)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
[SECURITY] Fedora 38 Update: php-laminas-diactoros2-2.25.2-1.fc38
A PHP package containing implementations of the accepted PSR-7 HTTP message interfaces [1], as well as a "server" implementation similar to node's http.Server [2]. Documentation: https://docs.laminas.dev/laminas-diactoros/ Autoloader: /usr/share/php/Laminas/Diactoros2/autoload.php [1]...
[SECURITY] Fedora 37 Update: php-nyholm-psr7-1.6.1-1.fc37
A super lightweight PSR-7 implementation. Very strict and very fast. Autoloader: /usr/share/php/Nyholm/Psr7/autoload.php...
CVE-2023-30536
slim/psr7 is a PSR-7 implementation for use with Slim 4. In versions prior to 1.6.1 an attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will also accept \n\n. An...
Code injection
slim/psr7 is a PSR-7 implementation for use with Slim 4. In versions prior to 1.6.1 an attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will also accept \n\n. An...
CVE-2023-29197
guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many...
CVE-2023-30536
slim/psr7 is a PSR-7 implementation for use with Slim 4. In versions prior to 1.6.1 an attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will also accept \n\n. An...
CVE-2023-30536
slim/psr7 is a PSR-7 implementation for use with Slim 4. In versions prior to 1.6.1 an attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will also accept \n\n. An...
CVE-2023-30536 Insecure header validation in slim/psr7
slim/psr7 is a PSR-7 implementation for use with Slim 4. In versions prior to 1.6.1 an attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will also accept \n\n. An...
CVE-2023-30536 Insecure header validation in slim/psr7
slim/psr7 is a PSR-7 implementation for use with Slim 4. In versions prior to 1.6.1 an attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will also accept \n\n. An...
CVE-2023-30536
CVE-2023-30536 affects slim/psr7 (Slim-Psr7) before 1.6.1, where an attacker controlling header names can inject a newline character into header names and values, potentially producing malformed HTTP messages and causing application errors or a DoS via a remote service firewall. The issue is reso...
CVE-2023-29197 Improper header name validation in guzzlehttp/psr7
guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many...