Lucene search
UbuntuUSN-6671-1HistoryFeb 29, 2024 - 12:00 a.m.
php-nyholm-psr7 vulnerability
2024-02-2900:00:00
ubuntu.com
12
vulnerability
http headers
injection
ubuntu 22.04 lts
php-nyholm-psr7
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.2 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.6%
Releases
- Ubuntu 22.04 LTS
Packages
- php-nyholm-psr7 - A super lightweight PSR-7 implementation
Details
It was discovered that php-nyholm-psr7 incorrectly parsed HTTP
headers. A remote attacker could possibly use this issue to perform
an HTTP header injection attack.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 22.04 | noarch | php-nyholm-psr7 | < 1.5.0-1ubuntu0.1~esm1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | php-nyholm-psr7 | < 1.5.0-1 | UNKNOWN |
References
Related
fedora
fedora
[SECURITY] Fedora 38 Update: php-nyholm-psr7-1.7.0-1.fc38
2023-04-29 02:53:18
[SECURITY] Fedora 37 Update: php-nyholm-psr7-1.6.1-1.fc37
2023-04-28 02:04:03
osv
osv
php-nyholm-psr7 vulnerability
2024-02-29 16:02:17
Improper Input Validation in nyholm/psr7
2023-04-21 20:27:30
Improper header validation in httpsoft/http-message
2023-04-21 20:27:12
friendsofphp
friendsofphp
Improper Input Validation in headers
2023-04-17 16:00:00
Improper Input Validation in headers
2023-04-17 16:00:00
Improper header validation
2023-04-17 16:00:00
openvas
openvas
Fedora: Security Advisory for php-nyholm-psr7 (FEDORA-2023-b0811dc6e4)
2023-04-30 00:00:00
Ubuntu: Security Advisory (USN-6671-1)
2024-03-01 00:00:00
Debian: Security Advisory (DLA-3705-1)
2024-01-12 00:00:00
veracode
veracode
HTTP Request Smuggling
2023-04-19 11:10:06
github
github
Improper header name validation in guzzlehttp/psr7
2023-04-19 18:25:53
HTTP Multiline Header Termination
2023-04-24 22:42:39
Insecure header validation in slim/psr7
2023-04-18 22:20:42
nessus
nessus
Fedora 37 : php-nyholm-psr7 (2023-c29ae4c76f)
2023-04-28 00:00:00
Fedora 38 : php-nyholm-psr7 (2023-b0811dc6e4)
2023-04-29 00:00:00
Ubuntu 22.04 LTS : php-nyholm-psr7 vulnerability (USN-6671-1)
2024-02-29 00:00:00
freebsd
freebsd
mantis -- multiple vulnerabilities
2023-10-14 00:00:00
mediawiki -- multiple vulnerabilities
2023-04-21 00:00:00
debian
debian
[SECURITY] [DLA 3705-1] php-guzzlehttp-psr7 security update
2023-12-31 22:52:23
debiancve
debiancve
CVE-2023-29197
2023-04-17 22:15:09
nvd
nvd
CVE-2023-29197
2023-04-17 22:15:09
ubuntucve
ubuntucve
CVE-2023-29197
2023-04-17 00:00:00
cve
cve
CVE-2023-29197
2023-04-17 22:15:09
cvelist
cvelist
CVE-2023-29197 Improper header name validation in guzzlehttp/psr7
2023-04-17 21:08:46
ubuntu
ubuntu
php-guzzlehttp-psr7 vulnerabilities
2024-02-29 00:00:00
prion
prion
Design/Logic Flaw
2023-04-17 22:15:00
mageia
mageia
Updated mediawiki packages fix security vulnerability
2023-07-27 01:07:49
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.2 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.6%
Related for USN-6671-1