CVE-2023-0833 – Red hat a-mq streams: component version with information disclosure flaw

https://notcve.org/view.php?id=CVE-2023-0833

A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an information disclosure flaw via an exception triggered by a header containing an illegal value. This issue could allow an authenticated attacker to access information outside of their regular permissions. Se encontró una falla en AMQ-Streams de Red Hat, que incluye una versión del componente OKHttp con una falla de divulgación de información a través de una excepción activada por un encabezado que contiene un valor ilegal. Este problema podría permitir que un atacante autenticado acceda a información fuera de sus permisos habituales. • https://access.redhat.com/errata/RHSA-2023:1241 https://access.redhat.com/errata/RHSA-2023:3223 https://access.redhat.com/security/cve/CVE-2023-0833 https://bugzilla.redhat.com/show_bug.cgi?id=2169845 https://github.com/square/okhttp/issues/6738 • CWE-209: Generation of Error Message Containing Sensitive Information •