VulnerableCode Package Details - pkg:composer/amphp/artax@2.0.6

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-5gzu-cums-1qh1	amphp/artax Cookie leakage to wrong origins and non-restricted cookie acceptance In artax version before 1.0.6 and 2 before 2.0.6, cookies of `foo.bar.example.com` were leaked to `foo.bar`. Additionally, any site could set cookies for any other site. Artax fixed this issue by following newer browser implementations now. Cookies can only be set on domains higher or equal to the current domain, but not on any public suffixes.	GHSA-gm98-g2wf-7c68
VCID-h2ms-tw6s-2uec	Cookie leakage, non-restricted cookie acceptance Cookies of `foo.bar.example.com` are leaked to foo.bar. Additionally, any site can set cookies for any other site.	GMS-2017-131
VCID-sxpe-npu5-9yd6	Cookie leakage to wrong origins and non-restricted cookie acceptance	2017-05-09

Vulnerability

Summary

Aliases

VCID-5gzu-cums-1qh1

amphp/artax Cookie leakage to wrong origins and non-restricted cookie acceptance In artax version before 1.0.6 and 2 before 2.0.6, cookies of `foo.bar.example.com` were leaked to `foo.bar`. Additionally, any site could set cookies for any other site. Artax fixed this issue by following newer browser implementations now. Cookies can only be set on domains higher or equal to the current domain, but not on any public suffixes.

GHSA-gm98-g2wf-7c68

VCID-h2ms-tw6s-2uec

Cookie leakage, non-restricted cookie acceptance Cookies of `foo.bar.example.com` are leaked to foo.bar. Additionally, any site can set cookies for any other site.

GMS-2017-131

VCID-sxpe-npu5-9yd6

Cookie leakage to wrong origins and non-restricted cookie acceptance

2017-05-09

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-03T19:05:04.848991+00:00	GitLab Importer	Fixing	VCID-5gzu-cums-1qh1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/amphp/artax/GHSA-gm98-g2wf-7c68.yml	37.0.0
2025-07-01T18:15:54.072070+00:00	GitLab Importer	Fixing	VCID-5gzu-cums-1qh1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/amphp/artax/GHSA-gm98-g2wf-7c68.yml	36.1.3
2025-07-01T18:10:24.597141+00:00	GitLab Importer	Fixing	VCID-sxpe-npu5-9yd6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/amphp/artax/2017-05-09.yml	36.1.3
2025-07-01T18:10:24.525254+00:00	GitLab Importer	Fixing	VCID-h2ms-tw6s-2uec	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/amphp/artax/GMS-2017-131.yml	36.1.3
2025-07-01T14:34:51.056224+00:00	GHSA Importer	Fixing	VCID-5gzu-cums-1qh1	https://github.com/advisories/GHSA-gm98-g2wf-7c68	36.1.3
2025-07-01T12:11:40.892361+00:00	GithubOSV Importer	Fixing	VCID-5gzu-cums-1qh1	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-gm98-g2wf-7c68/GHSA-gm98-g2wf-7c68.json	36.1.3