2 matches found
DEBIAN-CVE-2022-31090
Guzzle, an extensible PHP HTTP client. Authorization headers on requests are sensitive information. In affected versions when using our Curl handler, it is possible to use the CURLOPTHTTPAUTH option to specify an Authorization header. On making a request which responds with a redirect to a URI wi...
UBUNTU-CVE-2022-31091
Guzzle, an extensible PHP HTTP client. Authorization and Cookie headers on requests are sensitive information. In affected versions on making a request which responds with a redirect to a URI with a different port, if we choose to follow it, we should remove the Authorization and Cookie headers...