{"package":"zendframework/zend-diactoros","ecosystem":"composer","latest_version":"2.2.1","description":"PSR HTTP Message implementations","license":"BSD-3-Clause","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":"","repository":"https://github.com/zendframework/zend-diactoros","downloads_weekly":0,"health":{"score":5,"risk":"critical","breakdown":{"maintenance":0,"popularity":0,"security":20,"maturity":15,"community":0},"deprecated":true,"max_score":100},"vulnerabilities":{"count":1,"critical":0,"high":1,"medium":0,"low":0,"details":[{"vuln_id":"GHSA-f6p5-76fp-m248","severity":"high","summary":"URL Rewrite vulnerability in multiple zendframework components","affected_versions":"<1.8.4|<2.10.3|<2.8.1|=1.0.0|=1.0.1|=1.0.2|=1.0.3|=1.0.4|=1.0.5|=1.1.0|=1.1.1|=1.1.2|=1.1.3|=1.1.4|=1.2.0|=1.2.1|=1.3.0|=1.3.1|=1.3.10|=1.3.11|=1.3.2|=1.3.3|=1.3.4|=1.3.5|=1.3.6|=1.3.7|=1.3.8|=1.3.9|=1.4.0|=1.4.1|=1.5.0|=1.6.0|=1.6.1|=1.7.0|=1.7.1|=1.7.2|=1.8.0|=1.8.1|=1.8.2|=1.8.3|=2.0.3|=2.0.4|=2.0.5|=2.0.6|=2.0.7|=2.0.8|=2.1.0|=2.1.1|=2.1.2|=2.1.3|=2.1.4|=2.1.5|=2.1.6|=2.10.0|=2.10.1|=2.10.2|=2.2.0|=2.2.0rc1|=2.2.0rc2|=2.2.0rc3|=2.2.1|=2.2.10|=2.2.2|=2.2.3|=2.2.4|=2.2.5|=2.2.6|=2.2.7|=2.2.8|=2.2.9|=2.3.0|=2.3.1|=2.3.2|=2.3.3|=2.3.4|=2.3.5|=2.3.6|=2.3.7|=2.3.8|=2.3.9|=2.4.0|=2.4.0rc1|=2.4.0rc2|=2.4.0rc3|=2.4.0rc4|=2.4.0rc5|=2.4.0rc6|=2.4.0rc7|=2.4.1|=2.4.10|=2.4.11|=2.4.12|=2.4.13|=2.4.2|=2.4.3|=2.4.4|=2.4.5|=2.4.6|=2.4.7|=2.4.8|=2.4.9|=2.5.0|=2.5.1|=2.5.2|=2.6.0|=2.7.0|=2.8.0|=2.9.0|=2.9.1|=2.0.3|=2.0.4|=2.0.5|=2.0.6|=2.0.7|=2.0.8|=2.1.0|=2.1.1|=2.1.2|=2.1.3|=2.1.4|=2.1.5|=2.1.6|=2.2.0|=2.2.0rc1|=2.2.0rc2|=2.2.0rc3|=2.2.1|=2.2.10|=2.2.2|=2.2.3|=2.2.4|=2.2.5|=2.2.6|=2.2.7|=2.2.8|=2.2.9|=2.3.0|=2.3.1|=2.3.2|=2.3.3|=2.3.4|=2.3.5|=2.3.6|=2.3.7|=2.3.8|=2.3.9|=2.4.0|=2.4.0rc1|=2.4.0rc2|=2.4.0rc3|=2.4.0rc4|=2.4.0rc5|=2.4.0rc6|=2.4.0rc7|=2.4.1|=2.4.10|=2.4.11|=2.4.12|=2.4.13|=2.4.2|=2.4.3|=2.4.4|=2.4.5|=2.4.6|=2.4.7|=2.4.8|=2.4.9|=2.5.0|=2.5.1|=2.5.2|=2.5.3|=2.5.4|=2.5.5|=2.5.6|=2.6.0|=2.7.0|=2.8.0","fixed_version":"2.8.1","source":"osv","published_at":"2022-04-28T21:09:54Z"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"2.2.1","total_count":53,"recent":["2.2.1","2.2.0","2.1.5","2.1.4","2.1.3","2.1.2","2.1.1","2.1.0","2.0.3","2.0.2","2.0.1","2.0.0","1.8.7","1.8.6","1.8.5","1.8.4","1.8.3","1.8.2","1.8.1","1.8.0"]},"metadata":{"deprecated":true,"deprecated_message":"laminas/laminas-diactoros","maintainers_count":0,"first_published":null,"last_published":"2019-11-13T19:16:13+00:00","dependencies_count":3,"dependencies":["php","psr/http-factory","psr/http-message"]},"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"find_alternative","issues":["Low health score (5/100)","1 high severity vulnerabilities","Package is deprecated"],"use_version":"2.2.1","version_hint":"Update to >= 2.8.1 to fix known vulnerabilities","summary":"zendframework/zend-diactoros is deprecated — find an alternative","alternatives":[{"name":"laminas/laminas-diactoros","reason":"Laminas fork","builtin":false}]},"version_scoped":null,"requested_version":null,"_cache":"miss","_response_ms":347,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":true,"bus_factor_3m":1,"active_contributors_12m":0,"primary_author_ratio":0.0,"owner_account_age_days":5806,"is_archived":true,"stars":1532,"alerts":["single_active_maintainer_3m","archived_repo"]},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false},"alternatives_link":{"url":"/api/alternatives/composer/zendframework/zend-diactoros","count":1},"version_history_summary":{"total_versions":20,"first_release_age_days":null,"last_release_days_ago":2358,"avg_days_between_releases":null,"release_velocity":"stale"}}