⚠ Exploited in the wild
Exploitation observed in the wild. Not yet on CISA KEV.

CVE-2023-29197: Interpretation Conflict in Psr7

Severity
NVD: 7.5 HIGH
GHSA: 5.3
EPSS
2.3% (top 15.27%)
CISA KEV
Not in KEV
Exploit
Exploited in wild: active exploitation observed
Timeline
Published: Apr 17
Latest update: Jan 21

Description

guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a newline (\n) into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will also accept \n\n. This is a follow-up to CVE-2022-24775 where the fix was incomplete. The issue has been patched in versions 1.9.1 and 2.4.5. There are no known workarounds for
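The description above turns on a single detail: a check that rejects only the exact "\r\n" sequence still lets a bare "\n" through, and many servers treat that bare LF as a line terminator. The following is an added example (not guzzlehttp/psr7's own code) that places such an incomplete check beside a validator that rejects CR and LF individually in both header names and values; the function names and the constructed inputs are mine.

```php
<?php
// Added example, not code from guzzlehttp/psr7. It contrasts an
// incomplete header check with one that rejects CR and LF wherever
// they appear, in header names as well as values.

/** Incomplete check: only the exact CRLF sequence is rejected, a bare "\n" passes. */
function weakHeaderValueIsSafe(string $value): bool
{
    return strpos($value, "\r\n") === false;
}

/** Header name must be an RFC 7230 token: no whitespace, CR, LF or delimiters. */
function headerNameIsValid(string $name): bool
{
    // /D makes $ match only at the very end, not before a trailing "\n".
    return preg_match("/^[!#\$%&'*+.^_`|~0-9A-Za-z-]+\$/D", $name) === 1;
}

/** Header value: SP, HTAB, visible ASCII and obs-text; CR and LF are never allowed. */
function headerValueIsValid(string $value): bool
{
    return preg_match('/^[\x20\x09\x21-\x7E\x80-\xFF]*$/D', $value) === 1;
}

// Constructed inputs: one benign header, then a bare LF in the value and in the name.
$cases = [
    ['X-Request-Id', 'abc123'],
    ['X-Request-Id', "abc123\nX-Injected: 1"],
    ["X-Request-Id\nX-Injected", 'abc123'],
];

foreach ($cases as [$name, $value]) {
    printf(
        "%-40s weak=%-6s name=%-6s value=%s\n",
        json_encode($name . ': ' . $value),
        weakHeaderValueIsSafe($value) ? 'pass' : 'reject',
        headerNameIsValid($name) ? 'ok' : 'reject',
        headerValueIsValid($value) ? 'ok' : 'reject'
    );
}
```

The second and third cases pass the weak check but are rejected by both strict validators, which is the gap the description attributes to the earlier incomplete fix.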

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Exploitability: 3.9 | Impact: 3.6

Affected Packages (3 packages)

Packagist: guzzlehttp/psr7, affected from 2.0.0, fixed in 2.4.5 (+1)
CVEList V5: guzzle/psr7, affected < 1.9.1 (+1)
NVD: guzzlephp/psr-7, affected from 2.0.0, fixed in 2.4.5 (+1)

Also affects: Fedora 37, 38

🔴 Vulnerability Details (5)

GHSA: Missing validation of header name and value in codeigniter4/framework (2025-01-21)
OSV: Improper header name validation in guzzlehttp/psr7 (2023-04-19)
GHSA: Improper header name validation in guzzlehttp/psr7 (2023-04-19)
CVEList: Improper header name validation in guzzlehttp/psr7 (2023-04-17)
OSV: CVE-2023-29197: guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP (2023-04-17)

📋 Vendor Advisories (3)

Ubuntu: php-nyholm-psr7 vulnerability (2024-02-29)
Ubuntu: php-guzzlehttp-psr7 vulnerabilities (2024-02-29)
Debian: CVE-2023-29197: php-guzzlehttp-psr7 - guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected ... (2023)
CVE-2023-29197 — Interpretation Conflict in Guzzle Psr7 | cvebase