cvelistv5 - CVE-2023-29197

URL	Tags
security-advisories@github.com	https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-24775	Not Applicable
security-advisories@github.com	https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96	Not Applicable
security-advisories@github.com	https://github.com/guzzle/psr7/security/advisories/GHSA-wxmh-65f7-jcvw	Vendor Advisory
security-advisories@github.com	https://lists.debian.org/debian-lts-announce/2023/12/msg00028.html
security-advisories@github.com	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJANWDXJZE5BGLN4MQ4FEHV5LJ6CMKQF/	Mailing List, Third Party Advisory
security-advisories@github.com	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O35UN4IK6VS2LXSRWUDFWY7NI73RKY2U/	Mailing List, Third Party Advisory
security-advisories@github.com	https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4	Technical Description

wid-sec-w-2023-1626

Vulnerability from csaf_certbund

Published

2023-07-02 22:00

Modified

2024-02-29 23:00

Summary

MediaWiki: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

MediaWiki ist ein freies Wiki, das ursprünglich für den Einsatz auf Wikipedia entwickelt wurde.

Angriff

Ein Angreifer kann mehrere Schwachstellen in MediaWiki ausnutzen, um einen nicht näher spezifizierten Angriff und einen Cross-Site-Scripting Angriff duchzuführen.

Betroffene Betriebssysteme

- Sonstiges

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "MediaWiki ist ein freies Wiki, das urspr\u00fcnglich f\u00fcr den Einsatz auf Wikipedia entwickelt wurde.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in MediaWiki ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff und einen Cross-Site-Scripting Angriff duchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-1626 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1626.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-1626 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1626"
      },
      {
        "category": "external",
        "summary": "[MediaWiki-announce] Security and maintenance release: 1.35.11 / 1.38.7 / 1.39.4 vom 2023-07-02",
        "url": "https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/message/HVT3U3XYY35PSCIQPHMY4VQNF3Q6MHUO/"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5447 vom 2023-07-05",
        "url": "https://lists.debian.org/debian-security-announce/2023/msg00139.html"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2023-1FCABA0998 vom 2023-08-24",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-1fcaba0998"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2023-D8AE3C122E vom 2023-08-24",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-d8ae3c122e"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2023-7E9D6015F6 vom 2023-08-24",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-7e9d6015f6"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6671-1 vom 2024-02-29",
        "url": "https://ubuntu.com/security/notices/USN-6671-1"
      }
    ],
    "source_lang": "en-US",
    "title": "MediaWiki: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-02-29T23:00:00.000+00:00",
      "generator": {
        "date": "2024-03-01T09:02:34.689+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2023-1626",
      "initial_release_date": "2023-07-02T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-07-02T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2023-07-05T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2023-08-24T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Fedora aufgenommen"
        },
        {
          "date": "2024-02-29T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        }
      ],
      "status": "final",
      "version": "4"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fedora Linux",
            "product": {
              "name": "Fedora Linux",
              "product_id": "74185",
              "product_identification_helper": {
                "cpe": "cpe:/o:fedoraproject:fedora:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fedora"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 1.35.11",
                "product": {
                  "name": "Open Source MediaWiki \u003c 1.35.11",
                  "product_id": "T028325",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mediawiki:mediawiki:1.35.11"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c 1.38.7",
                "product": {
                  "name": "Open Source MediaWiki \u003c 1.38.7",
                  "product_id": "T028326",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mediawiki:mediawiki:1.38.7"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c 1.39.4",
                "product": {
                  "name": "Open Source MediaWiki \u003c 1.39.4",
                  "product_id": "T028393",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mediawiki:mediawiki:1.39.4"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "MediaWiki"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-29197",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in MediaWiki, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurde. Der Fehler besteht in der Komponente guzzlehttp/psr7. Ein Angreifer kann diese Schwachstelle ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T000126",
          "74185"
        ]
      },
      "release_date": "2023-07-02T22:00:00Z",
      "title": "CVE-2023-29197"
    },
    {
      "cve": "CVE-2023-36674",
      "notes": [
        {
          "category": "description",
          "text": "In MediaWiki existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden im BlockLogFormatter nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T000126",
          "74185"
        ]
      },
      "release_date": "2023-07-02T22:00:00Z",
      "title": "CVE-2023-36674"
    }
  ]
}

gsd-2023-29197

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a newline (\n) into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will also accept \n\n. This is a follow-up to CVE-2022-24775 where the fix was incomplete. The issue has been patched in versions 1.9.1 and 2.4.5. There are no known workarounds for this vulnerability. Users are advised to upgrade.

Aliases

CVE-2023-29197

Aliases

CVE-2023-29197

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-29197",
    "id": "GSD-2023-29197"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-29197"
      ],
      "details": "guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a newline (\\n) into both the header names and values. While the specification states that \\r\\n\\r\\n is used to terminate the header list, many servers in the wild will also accept \\n\\n. This is a follow-up to CVE-2022-24775 where the fix was incomplete. The issue has been patched in versions 1.9.1 and 2.4.5. There are no known workarounds for this vulnerability. Users are advised to upgrade.",
      "id": "GSD-2023-29197",
      "modified": "2023-12-13T01:20:57.076314Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2023-29197",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "psr7",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "\u003c 1.9.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "\u003e= 2.0.0, \u003c 2.4.5"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "guzzle"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a newline (\\n) into both the header names and values. While the specification states that \\r\\n\\r\\n is used to terminate the header list, many servers in the wild will also accept \\n\\n. This is a follow-up to CVE-2022-24775 where the fix was incomplete. The issue has been patched in versions 1.9.1 and 2.4.5. There are no known workarounds for this vulnerability. Users are advised to upgrade."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-436",
                "lang": "eng",
                "value": "CWE-436: Interpretation Conflict"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/guzzle/psr7/security/advisories/GHSA-wxmh-65f7-jcvw",
            "refsource": "MISC",
            "url": "https://github.com/guzzle/psr7/security/advisories/GHSA-wxmh-65f7-jcvw"
          },
          {
            "name": "https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96",
            "refsource": "MISC",
            "url": "https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96"
          },
          {
            "name": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-24775",
            "refsource": "MISC",
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-24775"
          },
          {
            "name": "https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4",
            "refsource": "MISC",
            "url": "https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4"
          },
          {
            "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O35UN4IK6VS2LXSRWUDFWY7NI73RKY2U/",
            "refsource": "MISC",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O35UN4IK6VS2LXSRWUDFWY7NI73RKY2U/"
          },
          {
            "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJANWDXJZE5BGLN4MQ4FEHV5LJ6CMKQF/",
            "refsource": "MISC",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJANWDXJZE5BGLN4MQ4FEHV5LJ6CMKQF/"
          },
          {
            "name": "https://lists.debian.org/debian-lts-announce/2023/12/msg00028.html",
            "refsource": "MISC",
            "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00028.html"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-wxmh-65f7-jcvw",
        "discovery": "UNKNOWN"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c1.9.1||\u003e=2.0.0,\u003c2.4.5",
          "affected_versions": "All versions before 1.9.1, all versions starting from 2.0.0 before 2.4.5",
          "cwe_ids": [
            "CWE-1035",
            "CWE-436",
            "CWE-937"
          ],
          "date": "2023-04-19",
          "description": "guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a newline (\\n) into both the header names and values. While the specification states that \\r\\n\\r\\n is used to terminate the header list, many servers in the wild will also accept \\n\\n. This is a follow-up to CVE-2022-24775 where the fix was incomplete. The issue has been patched in versions 1.9.1 and 2.4.5. There are no known workarounds for this vulnerability. Users are advised to upgrade.",
          "fixed_versions": [
            "1.9.1",
            "2.4.5"
          ],
          "identifier": "CVE-2023-29197",
          "identifiers": [
            "GHSA-wxmh-65f7-jcvw",
            "CVE-2023-29197"
          ],
          "not_impacted": "All versions starting from 1.9.1 before 2.0.0, all versions starting from 2.4.5",
          "package_slug": "packagist/guzzlehttp/psr7",
          "pubdate": "2023-04-19",
          "solution": "Upgrade to versions 1.9.1, 2.4.5 or above.",
          "title": "Interpretation Conflict",
          "urls": [
            "https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96",
            "https://github.com/guzzle/psr7/security/advisories/GHSA-wxmh-65f7-jcvw",
            "https://nvd.nist.gov/vuln/detail/CVE-2023-29197",
            "https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4",
            "https://github.com/advisories/GHSA-wxmh-65f7-jcvw"
          ],
          "uuid": "e6255c34-4dd5-402b-b63b-63ac2f36ddae"
        }
      ]
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:guzzlephp:psr-7:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "704750B5-E610-4CDF-AE19-64DA9B537919",
                    "versionEndExcluding": "1.9.1",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:guzzlephp:psr-7:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "DB62DA3C-0E8C-4240-9238-67D584A839D3",
                    "versionEndExcluding": "2.4.5",
                    "versionStartIncluding": "2.0.0",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
                    "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
                    "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a newline (\\n) into both the header names and values. While the specification states that \\r\\n\\r\\n is used to terminate the header list, many servers in the wild will also accept \\n\\n. This is a follow-up to CVE-2022-24775 where the fix was incomplete. The issue has been patched in versions 1.9.1 and 2.4.5. There are no known workarounds for this vulnerability. Users are advised to upgrade."
          }
        ],
        "id": "CVE-2023-29197",
        "lastModified": "2024-01-01T01:15:20.317",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 3.6,
              "source": "nvd@nist.gov",
              "type": "Primary"
            },
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 1.4,
              "source": "security-advisories@github.com",
              "type": "Secondary"
            }
          ]
        },
        "published": "2023-04-17T22:15:09.947",
        "references": [
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Not Applicable"
            ],
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-24775"
          },
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Not Applicable"
            ],
            "url": "https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96"
          },
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "https://github.com/guzzle/psr7/security/advisories/GHSA-wxmh-65f7-jcvw"
          },
          {
            "source": "security-advisories@github.com",
            "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00028.html"
          },
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Mailing List",
              "Third Party Advisory"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJANWDXJZE5BGLN4MQ4FEHV5LJ6CMKQF/"
          },
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Mailing List",
              "Third Party Advisory"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O35UN4IK6VS2LXSRWUDFWY7NI73RKY2U/"
          },
          {
            "source": "security-advisories@github.com",
            "tags": [
              "Technical Description"
            ],
            "url": "https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4"
          }
        ],
        "sourceIdentifier": "security-advisories@github.com",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-436"
              }
            ],
            "source": "security-advisories@github.com",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

ghsa-wxmh-65f7-jcvw

Vulnerability from github

Published

2023-04-19 18:25

Modified

2023-04-19 18:25

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

Improper header name validation in guzzlehttp/psr7

Details

Impact

Improper header parsing. An attacker could sneak in a newline (\n) into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will also accept \n\n.

Patches

The issue is patched in 1.9.1 and 2.4.5.

Workarounds

There are no known workarounds.

References

https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "guzzlehttp/psr7"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.9.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "guzzlehttp/psr7"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.0.0"
            },
            {
              "fixed": "2.4.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-29197"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-436"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-04-19T18:25:53Z",
    "nvd_published_at": "2023-04-17T22:15:09Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nImproper header parsing. An attacker could sneak in a newline (`\\n`) into both the header names and values. While the specification states that `\\r\\n\\r\\n` is used to terminate the header list, many servers in the wild will also accept `\\n\\n`.\n\n### Patches\n\nThe issue is patched in 1.9.1 and 2.4.5.\n\n### Workarounds\n\nThere are no known workarounds.\n\n### References\n\n* https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4\n",
  "id": "GHSA-wxmh-65f7-jcvw",
  "modified": "2023-04-19T18:25:53Z",
  "published": "2023-04-19T18:25:53Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96"
    },
    {
      "type": "WEB",
      "url": "https://github.com/guzzle/psr7/security/advisories/GHSA-wxmh-65f7-jcvw"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29197"
    },
    {
      "type": "WEB",
      "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-24775"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/psr7/CVE-2023-29197.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/guzzle/psr7"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00028.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJANWDXJZE5BGLN4MQ4FEHV5LJ6CMKQF"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O35UN4IK6VS2LXSRWUDFWY7NI73RKY2U"
    },
    {
      "type": "WEB",
      "url": "https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Improper header name validation in guzzlehttp/psr7"
}

CVE-2023-29197

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature

Action not permitted

CVE-2023-29197

Vulnerability from cvelistv5

wid-sec-w-2023-1626

Vulnerability from csaf_certbund

gsd-2023-29197

Vulnerability from gsd

ghsa-wxmh-65f7-jcvw

Vulnerability from github

Impact

Patches

Workarounds

References

Tags

Sightings

Nomenclature