3 matches found
CVE-2023-0833
CVE-2023-0833 — IBM and Red Hat sources confirm an information disclosure flaw in the OkHttp component shipped with Red Hat AMQ-Streams. An authenticated attacker could trigger an exception via a header containing an illegal value to access information beyond their permissions. The IBM security b...
CVE-2016-2402
CVE-2016-2402 affects OkHttp, where MITM bypass of certificate pinning is possible. The vulnerability occurs when an attacker presents a certificate chain containing a non-pinned trusted CA alongside the pinned certificate, enabling bypass of pinning checks in OkHttp before 2.7.4 and in 3.x befor...
CVE-2018-20200
CVE-2018-20200 affects OkHttp 3.x up to 3.12.0: CertificatePinner.java may allow MITM bypass of certificate pinning by changing SSLContext and boolean values during hooking. Per the notes in the description, some parties explicitly dispute that this is a true vulnerability. Con...