PKSA-2z36-j4q9-rsfy Security Advisory
-
[HIGH] Fix failure to strip Authorization header on HTTP downgrade
PKSA-2z36-j4q9-rsfy CVE-2022-31043 GHSA-w248-ffj2-4v5q
Affected package: guzzlehttp/guzzle
Affected version: >=7,<7.4.4|>=4,<6.5.7
Reported by:
GitHub, FriendsOfPHP/security-advisories