CVE-2023-0833
Safety vulnerability ID: SFTY-20250125-81069
A flaw was found in the OKHttp component of Red Hat's AMQ-Streams, which allows an authenticated attacker to exploit an information disclosure flaw via an exception triggered by a header containing an illegal value. This could lead to sensitive information being exposed outside of the attacker's regular permissions.
Overview
A flaw was found in the OKHttp component of Red Hat's AMQ-Streams, which allows an authenticated attacker to exploit an information disclosure flaw via an exception triggered by a header containing an illegal value. This could lead to sensitive information being exposed outside of the attacker's regular permissions.
Advisory
A flaw was found in the OKHttp component of Red Hat's AMQ-Streams, which allows an authenticated attacker to exploit an information disclosure flaw via an exception triggered by a header containing an illegal value. This could lead to sensitive information being exposed outside of the attacker's regular permissions.
Affected Package
How to Fix
We recommend updating com.squareup.okhttp3:okhttp to the latest non-vulnerable version.
Mitigation and Workarounds
---
Vulnerable Functions
Functions linked to known vulnerabilities in this package.
| CVE ID | Vulnerable Symbol | File Name | Fix Commit | Affected Versions |
|---|---|---|---|---|
No vulnerable functions found for this package. | ||||
Verified by Safety
Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.
Learn more