Maven: com.squareup.okhttp3:okhttp

CVE-2023-0833

Safety vulnerability ID: SFTY-20250125-81069

A flaw was found in the OKHttp component of Red Hat's AMQ-Streams, which allows an authenticated attacker to exploit an information disclosure flaw via an exception triggered by a header containing an illegal value. This could lead to sensitive information being exposed outside of the attacker's regular permissions.

MavenNVDNVD
Created at: Oct 11, 2025Updated at: Oct 11, 2025

Overview

A flaw was found in the OKHttp component of Red Hat's AMQ-Streams, which allows an authenticated attacker to exploit an information disclosure flaw via an exception triggered by a header containing an illegal value. This could lead to sensitive information being exposed outside of the attacker's regular permissions.

Advisory

A flaw was found in the OKHttp component of Red Hat's AMQ-Streams, which allows an authenticated attacker to exploit an information disclosure flaw via an exception triggered by a header containing an illegal value. This could lead to sensitive information being exposed outside of the attacker's regular permissions.

Affected Package

Affecting com.squareup.okhttp3:okhttp package, versions
<4.9.2

Also affects

---

How to Fix

We recommend updating com.squareup.okhttp3:okhttp to the latest non-vulnerable version.

Mitigation and Workarounds

---

Vulnerable Functions

Functions linked to known vulnerabilities.

Vulnerable function data is available for Enterprise customers

Book a call with us to see Safety in action.

References

Safety

Verified by Safety

Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.

Learn more