Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
guzzlephp guzzle vulnerabilities and exploits
(subscribe to this query)
7.7
CVSSv3
CVE-2022-31090
Guzzle, an extensible PHP HTTP client. `Authorization` headers on requests are sensitive information. In affected versions when using our Curl handler, it is possible to use the `CURLOPT_HTTPAUTH` option to specify an `Authorization` header. On making a request which responds wit...
Guzzlephp Guzzle
Debian Debian Linux 11.0
7.7
CVSSv3
CVE-2022-31091
Guzzle, an extensible PHP HTTP client. `Authorization` and `Cookie` headers on requests are sensitive information. In affected versions on making a request which responds with a redirect to a URI with a different port, if we choose to follow it, we should remove the `Authorizatio...
Guzzlephp Guzzle
Debian Debian Linux 11.0
7.5
CVSSv3
CVE-2022-31042
Guzzle is an open source PHP HTTP client. In affected versions the `Cookie` headers on requests are sensitive information. On making a request using the `https` scheme to a server which responds with a redirect to a URI with the `http` scheme, or on making a request to a server w...
Guzzlephp Guzzle
Drupal Drupal
Drupal Drupal 9.4.0
Debian Debian Linux 11.0
7.5
CVSSv3
CVE-2022-31043
Guzzle is an open source PHP HTTP client. In affected versions `Authorization` headers on requests are sensitive information. On making a request using the `https` scheme to a server which responds with a redirect to a URI with the `http` scheme, we should not forward the `Author...
Guzzlephp Guzzle
Drupal Drupal
Drupal Drupal 9.4.0
Debian Debian Linux 11.0
8.1
CVSSv3
CVE-2022-29248
Guzzle is a PHP HTTP client. Guzzle prior to versions 6.5.6 and 7.4.3 contains a vulnerability with the cookie middleware. The vulnerability is that it is not checked if the cookie domain equals the domain of the server which sets the cookie via the Set-Cookie header, allowing a ...
Guzzlephp Guzzle
Drupal Drupal
Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started