pkg:composer/guzzlehttp/guzzle
Type
composer
Namespace
guzzlehttp
Name
guzzle
Known advisories, vulnerabilities and fixes for guzzle package.
High
6
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | >= 4.0.0-rc2, < 4.2.4 >= 6, < 6.2.1 >= 5, < 5.3.1 |
CVE-2016-5385
|
PHP:GUZZLEHTTP-GUZZLE-2016-5385 | HTTP Proxy header vulnerability | high |
2015-07-15T17:36:08
(9 years ago) |
|
Affected | >= 7, < 7.4.3 >= 4, < 6.5.6 |
CVE-2022-29248
|
PHP:GUZZLEHTTP-GUZZLE-2022-29248 | Cross-domain cookie leakage | high |
2022-05-25T13:24:00
(2 years ago) |
|
Affected | >= 4, < 6.5.7 >= 7, < 7.4.4 |
CVE-2022-31042
|
PHP:GUZZLEHTTP-GUZZLE-2022-31042 | Failure to strip the Cookie header on change in host or HTTP downgrade | high |
2022-06-09T23:36:00
(2 years ago) |
|
Affected | >= 4, < 6.5.7 >= 7, < 7.4.4 |
CVE-2022-31043
|
PHP:GUZZLEHTTP-GUZZLE-2022-31043 | Fix failure to strip Authorization header on HTTP downgrade | high |
2022-06-09T23:36:00
(2 years ago) |
|
Affected | >= 7, < 7.4.5 >= 4, < 6.5.8 |
CVE-2022-31090
|
PHP:GUZZLEHTTP-GUZZLE-2022-31090 | CURLOPT_HTTPAUTH option not cleared on change of origin | high |
2022-06-20T22:24:00
(2 years ago) |
|
Affected | >= 7, < 7.4.5 >= 4, < 6.5.8 |
CVE-2022-31091
|
PHP:GUZZLEHTTP-GUZZLE-2022-31091 | Change in port should be considered a change in origin | high |
2022-06-20T22:24:00
(2 years ago) |