Com.squareup.okhttp3:okhttp
This hub aggregates every CVE we track for Com.squareup.okhttp3:okhttp, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
2
CVEs tracked
0
Critical
1
High
0
In CISA KEV
Severity distribution
HIGH1MEDIUM1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 2 most recently published vulnerabilities affecting Com.squareup.okhttp3:okhttp.
- CVE-2021-0341In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure wi...7.5
- CVE-2016-2402OkHttp before 2.7.4 and 3.x before 3.1.2 allows man-in-the-middle attackers to bypass certificate pinning by sending a certificate chain with a certificate from a non-pinned trusted CA and the pinn...5.9
Product normalization is registry-driven with AI assist and human review. How it works