3.1.0

DATE	CVE	VULNERABILITY TITLE	RISK
2017-01-30	CVE-2016-2402	Improper Certificate Validation vulnerability in Squareup Okhttp and Okhttp3 OkHttp before 2.7.4 and 3.x before 3.1.2 allows man-in-the-middle attackers to bypass certificate pinning by sending a certificate chain with a certificate from a non-pinned trusted CA and the pinned certificate. network high complexity squareup CWE-295	5.9

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.