guzzle 6.x version requirement should be updated to avoid security vulnerabilities #2535
Description
composer.json lists:
"guzzlehttp/guzzle": "~6.5||~7.0",
However, this vulnerability mandates >=6.5.8. So shouldn't it be:
"guzzlehttp/guzzle": "~6.5.8||~7.0",
?
Apologies if I'm missing something...