What is CVE-2023-29530?

CVE-2023-29530 is a high-severity vulnerability in Getlaminas Laminas-diactoros, classified under Improper Input Validation. CVSS score: 7.5/10. Published 2023-04-24.

How severe is CVE-2023-29530?

High severity. CVSS v3 base score is 7.5 out of 10.

Improper input validation in Getlaminas Laminas-diactoros

CVE-2023-29530

Laminas Diactoros provides PSR HTTP Message implementations. In versions 2.18.0 and prior, 2.19.0, 2.20.0, 2.21.0, 2.22.0, 2.23.0, 2.24.0, and 2.25.0, users who create HTTP requests or responses using laminas/laminas-diactoros, when provid…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.010 (57.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Getlaminas Laminas-diactoros — versions 2.19.0, 2.20.0, 2.21.0
Guzzlephp Psr-7
Laminas Laminas-diactoros — versions < 2.18.1, = 2.19.0, = 2.20.0
Fedoraproject Fedora — versions 38

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

security-advisories@github.com (x_refsource_CONFIRM, Vendor Advisory)
security-advisories@github.com (x_refsource_MISC, Not Applicable)
security-advisories@github.com (Mailing List, Third Party Advisory)

Frequently asked questions

What is CVE-2023-29530?: CVE-2023-29530 is a high-severity vulnerability in Getlaminas Laminas-diactoros, classified under Improper Input Validation. CVSS score: 7.5/10. Published 2023-04-24.
How severe is CVE-2023-29530?: High severity. CVSS v3 base score is 7.5 out of 10.