漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Improper Input Validation in guzzlehttp/psr7
Vulnerability Description
guzzlehttp/psr7 is a PSR-7 HTTP message library. Versions prior to 1.8.4 and 2.1.1 are vulnerable to improper header parsing. An attacker could sneak in a new line character and pass untrusted values. The issue is patched in 1.8.4 and 2.1.1. There are currently no known workarounds.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
输入验证不恰当
Vulnerability Title
PSR-7 Message Implementation 输入验证错误漏洞
Vulnerability Description
PSR-7 Message Implementation是一个完整的 PSR-7 消息实现。 PSR-7 Message Implementation 1.8.3 版本及之前版本和从 2.0.0 版本到 2.1.0 版本 psr7 存在输入验证错误漏洞。攻击者可以增加新的一行字符,并在其中传入不受信任的值。
CVSS Information
N/A
Vulnerability Type
N/A