Skip to main content

Okhttp

2 CVEs product

Monthly

CVE-2023-0833 MEDIUM POC This Month

A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an information disclosure flaw via an exception triggered by a header containing an illegal value. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Red Hat Okhttp A Mq Streams
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.4%
CVE-2016-2402 Maven MEDIUM PATCH This Month

OkHttp before 2.7.4 and 3.x before 3.1.2 allows man-in-the-middle attackers to bypass certificate pinning by sending a certificate chain with a certificate from a non-pinned trusted CA and the pinned. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Okhttp Okhttp3
NVD
CVSS 3.1
5.9
EPSS
2.7%
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an information disclosure flaw via an exception triggered by a header containing an illegal value. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Red Hat Okhttp +1
NVD GitHub VulDB
EPSS 3% CVSS 5.9
MEDIUM PATCH This Month

OkHttp before 2.7.4 and 3.x before 3.1.2 allows man-in-the-middle attackers to bypass certificate pinning by sending a certificate chain with a certificate from a non-pinned trusted CA and the pinned. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Okhttp Okhttp3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy