Skip to main content

Okhttp3

1 CVEs product

Monthly

CVE-2016-2402 Maven MEDIUM PATCH This Month

OkHttp before 2.7.4 and 3.x before 3.1.2 allows man-in-the-middle attackers to bypass certificate pinning by sending a certificate chain with a certificate from a non-pinned trusted CA and the pinned. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Okhttp Okhttp3
NVD
CVSS 3.1
5.9
EPSS
2.7%
EPSS 3% CVSS 5.9
MEDIUM PATCH This Month

OkHttp before 2.7.4 and 3.x before 3.1.2 allows man-in-the-middle attackers to bypass certificate pinning by sending a certificate chain with a certificate from a non-pinned trusted CA and the pinned. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Okhttp Okhttp3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy