Every CVE whose affected-product data names Guzzlephp Guzzle, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2022-29248 — CVSS 8.0 (high): Guzzle is a PHP HTTP client. Guzzle prior to versions 6.5.6 and 7.4.3 contains a vulnerability with the cookie middleware. The…
CVE-2022-31090 — CVSS 7.7 (high): Guzzle, an extensible PHP HTTP client. `Authorization` headers on requests are sensitive information. In affected versions when using our…
CVE-2022-31091 — CVSS 7.7 (high): Guzzle, an extensible PHP HTTP client. `Authorization` and `Cookie` headers on requests are sensitive information. In affected versions on…
CVE-2022-31042 — CVSS 7.5 (high): Guzzle is an open source PHP HTTP client. In affected versions the `Cookie` headers on requests are sensitive information. On making a…
CVE-2022-31043 — CVSS 7.5 (high): Guzzle is an open source PHP HTTP client. In affected versions `Authorization` headers on requests are sensitive information. On making a…
CVE-2026-55568 — CVSS 5.9 (medium): Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, in certain configurations, traffic expected to be protected by TLS on the hop to…
CVE-2026-55767 — CVSS 5.8 (medium): Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, CookieJar incorrectly accepts cookies with a dot-only Domain attribute and…