Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[CVE] [Medium] CVE-2023-0833 okhttp-3.12.12.jar #1781

Open
josedee opened this issue Jan 24, 2025 · 0 comments
Open

[CVE] [Medium] CVE-2023-0833 okhttp-3.12.12.jar #1781

josedee opened this issue Jan 24, 2025 · 0 comments
Assignees
@josedee
Labels
area:dependencies Dependency upgrade/update/migration area:engine Related to the runtime engines

Comments

@josedee
Copy link

josedee commented Jan 24, 2025

GroupId: com.squareup.okhttp3
ArtifactId: okhttp
Version: 3.12.12

Description: A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an information disclosure flaw via an exception triggered by a header containing an illegal value. This issue could allow an authenticated attacker to access information outside of their regular permissions.

Top fix: Upgrade to version com.squareup.okhttp3:okhttp:4.9.2
Message: Upgrade to version
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@josedee josedee

Labels
area:dependencies Dependency upgrade/update/migration area:engine Related to the runtime engines
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@yesamer @josedee