Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
guzzlephp guzzle vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2022-31090
Guzzle, an extensible PHP HTTP client. `Authorization` headers on requests are sensitive information. In affected versions when using our Curl handler, it is possible to use the `CURLOPT_HTTPAUTH` option to specify an `Authorization` header. On making a request which responds wit...
Guzzlephp Guzzle
Debian Debian Linux 11.0
356
VMScore
CVE-2022-31091
Guzzle, an extensible PHP HTTP client. `Authorization` and `Cookie` headers on requests are sensitive information. In affected versions on making a request which responds with a redirect to a URI with a different port, if we choose to follow it, we should remove the `Authorizatio...
Guzzlephp Guzzle
Debian Debian Linux 11.0
516
VMScore
CVE-2022-29248
Guzzle is a PHP HTTP client. Guzzle prior to versions 6.5.6 and 7.4.3 contains a vulnerability with the cookie middleware. The vulnerability is that it is not checked if the cookie domain equals the domain of the server which sets the cookie via the Set-Cookie header, allowing a ...
Guzzlephp Guzzle
Drupal Drupal
Debian Debian Linux 11.0
445
VMScore
CVE-2022-31042
Guzzle is an open source PHP HTTP client. In affected versions the `Cookie` headers on requests are sensitive information. On making a request using the `https` scheme to a server which responds with a redirect to a URI with the `http` scheme, or on making a request to a server w...
Guzzlephp Guzzle
Drupal Drupal
Drupal Drupal 9.4.0
Debian Debian Linux 11.0
445
VMScore
CVE-2022-31043
Guzzle is an open source PHP HTTP client. In affected versions `Authorization` headers on requests are sensitive information. On making a request using the `https` scheme to a server which responds with a redirect to a URI with the `http` scheme, we should not forward the `Author...
Guzzlephp Guzzle
Drupal Drupal
Drupal Drupal 9.4.0
Debian Debian Linux 11.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started