| CVE |
Severity |
CVSS |
Risk |
Published |
Description |
Impact |
| CVE-2016-5385 |
high |
8.1 |
8.1 |
10y ago |
HTTP Proxy header vulnerability |
+1 |
| CVE-2022-31091 |
unknown |
— |
— |
4y ago |
Change in port should be considered a change in origin |
|
| CVE-2022-31090 |
unknown |
— |
— |
4y ago |
CURLOPT_HTTPAUTH option not cleared on change of origin |
|
| CVE-2022-31042 |
unknown |
— |
— |
4y ago |
Fix failure to strip Authorization header on HTTP downgrade |
|
| CVE-2022-31043 |
unknown |
— |
— |
4y ago |
Fix failure to strip Authorization header on HTTP downgrade |
|
| CVE-2022-29248 |
unknown |
— |
— |
4y ago |
Cross-domain cookie leakage in Guzzle |
|