pkg:composer/guzzlehttp/guzzle
Type
composer
Namespace
guzzlehttp
Name
guzzle
Known advisories, vulnerabilities and fixes for guzzle package.
High
6
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | >= 4.0.0-rc2, < 4.2.4 >= 6, < 6.2.1 >= 5, < 5.3.1 |
CVE-2016-5385
|
 PHP:GUZZLEHTTP-GUZZLE-2016-5385
|
HTTP Proxy header vulnerability | high |
2015-07-15T17:36:08
(9 years ago) |
|
| Affected | >= 7, < 7.4.3 >= 4, < 6.5.6 |
CVE-2022-29248
|
PHP:GUZZLEHTTP-GUZZLE-2022-29248
|
Cross-domain cookie leakage | high |
2022-05-25T13:24:00
(2 years ago) |
|
| Affected | >= 4, < 6.5.7 >= 7, < 7.4.4 |
CVE-2022-31042
|
PHP:GUZZLEHTTP-GUZZLE-2022-31042
|
Failure to strip the Cookie header on change in host or HTTP downgrade | high |
2022-06-09T23:36:00
(2 years ago) |
|
| Affected | >= 4, < 6.5.7 >= 7, < 7.4.4 |
CVE-2022-31043
|
PHP:GUZZLEHTTP-GUZZLE-2022-31043
|
Fix failure to strip Authorization header on HTTP downgrade | high |
2022-06-09T23:36:00
(2 years ago) |
|
| Affected | >= 7, < 7.4.5 >= 4, < 6.5.8 |
CVE-2022-31090
|
PHP:GUZZLEHTTP-GUZZLE-2022-31090
|
CURLOPT_HTTPAUTH option not cleared on change of origin | high |
2022-06-20T22:24:00
(2 years ago) |
|
| Affected | >= 7, < 7.4.5 >= 4, < 6.5.8 |
CVE-2022-31091
|
PHP:GUZZLEHTTP-GUZZLE-2022-31091
|
Change in port should be considered a change in origin | high |
2022-06-20T22:24:00
(2 years ago) |