Security alert for guzzlehttp

Question

Security alert for guzzlehttp

dsenalik opened this issue 2 years ago · comments

Pull #150

We need a composer update to resolve this dependabot alert

tripal / TripalTestSuite

Known security vulnerabilities detected
Dependency guzzlehttp/psr7 Version < 1.8.4 Upgrade to ~> 1.8.4
Defined in composer.lock
Vulnerabilities
CVE-2022-24775 High severity
Dependency guzzlehttp/guzzle Version < 6.5.6 Upgrade to ~> 6.5.6
Defined in composer.lock
Vulnerabilities
CVE-2022-29248 High severity
CVE-2022-31042 High severity
CVE-2022-31043 High severity
CVE-2022-31090 High severity
CVE-2022-31091 High severity

Douglas Senalik · Answer 1 · Thu Mar 02 2023 23:27:55 GMT+0800 (China Standard Time)

Resolved with merged pr #150