Vulnerabilities > Squareup > Okhttp > 3.12.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-27 | CVE-2023-0833 | Information Exposure Through an Error Message vulnerability in multiple products A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an information disclosure flaw via an exception triggered by a header containing an illegal value. | 5.5 |
2019-04-18 | CVE-2018-20200 | Improper Certificate Validation vulnerability in Squareup Okhttp CertificatePinner.java in OkHttp 3.x through 3.12.0 allows man-in-the-middle attackers to bypass certificate pinning by changing SSLContext and the boolean values while hooking the application. | 5.9 |