4.7 MEDIUM
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): High (H)
- Privileges Required (PR): None (N)
- User Interaction (UI): Required (R)
- Scope (S): Changed (C)
- Confidentiality (C): Low (L)
- Integrity (I): Low (L)
- Availability (A): None (N)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): High (H)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): Required (R)
- Modified Confidentiality (MC): Low (L)
- Modified Scope (MS): Changed (C)
- Modified Integrity (MI): Low (L)
- Modified Availability (MA): None (N)
Activity log
- Created suggestion
Guzzle: Cookie Disclosure and Injection via IP-Address Domains
Guzzle is an extensible PHP HTTP client. Prior to 7.12.3, CookieJar did not restrict cookies scoped to IP-address or bare-numeric Domain values to the exact host that set them, because SetCookie::matchesDomain() applied ordinary suffix matching to domains such as 192.168.0.1, [::1], or 1, allowing cross-host cookie disclosure, cookie injection, or session fixation. This issue is fixed in version 7.12.3.
References
-
https://github.com/guzzle/guzzle/security/advisories/GHSA-g446-98w2-8p5w x_refsource_CONFIRM
-
https://github.com/guzzle/guzzle/pull/3694 x_refsource_MISC
-
https://github.com/guzzle/guzzle/releases/tag/7.12.3 x_refsource_MISC
Affected products
- ==< 7.12.3
Matching in nixpkgs
pkgs.python313Packages.guzzle-sphinx-theme
Sphinx theme used by Guzzle: http://guzzlephp.org
Package maintainers
-
@flokli Florian Klink <flokli@flokli.de>