Search for packages
| purl | pkg:composer/amphp/artax@1.0.6 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-5gzu-cums-1qh1 | amphp/artax Cookie leakage to wrong origins and non-restricted cookie acceptance In artax version before 1.0.6 and 2 before 2.0.6, cookies of `foo.bar.example.com` were leaked to `foo.bar`. Additionally, any site could set cookies for any other site. Artax fixed this issue by following newer browser implementations now. Cookies can only be set on domains higher or equal to the current domain, but not on any public suffixes. |
GHSA-gm98-g2wf-7c68
|
| VCID-sxpe-npu5-9yd6 | Cookie leakage to wrong origins and non-restricted cookie acceptance |
2017-05-09
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-07-03T19:05:04.826081+00:00 | GitLab Importer | Fixing | VCID-5gzu-cums-1qh1 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/amphp/artax/GHSA-gm98-g2wf-7c68.yml | 37.0.0 |
| 2025-07-01T18:15:54.073849+00:00 | GitLab Importer | Fixing | VCID-5gzu-cums-1qh1 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/amphp/artax/GHSA-gm98-g2wf-7c68.yml | 36.1.3 |
| 2025-07-01T18:10:24.595265+00:00 | GitLab Importer | Fixing | VCID-sxpe-npu5-9yd6 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/amphp/artax/2017-05-09.yml | 36.1.3 |
| 2025-07-01T14:34:51.040371+00:00 | GHSA Importer | Fixing | VCID-5gzu-cums-1qh1 | https://github.com/advisories/GHSA-gm98-g2wf-7c68 | 36.1.3 |
| 2025-07-01T12:11:40.907126+00:00 | GithubOSV Importer | Fixing | VCID-5gzu-cums-1qh1 | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-gm98-g2wf-7c68/GHSA-gm98-g2wf-7c68.json | 36.1.3 |