CVE-2023-3782 – DoS of the OkHttp client when using a BrotliInterceptor and surfing to a malicious web server, or when an attacker can perform MitM to inject a Brotli zip-bomb into an HTTP response
https://notcve.org/view.php?id=CVE-2023-3782
DoS of the OkHttp client when using a BrotliInterceptor and browsing to a malicious web server, or when an attacker can perform a MitM attack to inject a Brotli zip-bomb into an HTTP response.
• https://github.com/square/okhttp/issues/7738 https://research.jfrog.com/vulnerabilities/okhttp-client-brotli-dos
• CWE-400: Uncontrolled Resource Consumption
CVE-2023-3635 – Okio GzipSource unhandled exception Denial of Service
https://notcve.org/view.php?id=CVE-2023-3635
GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when it handles a crafted GZIP archive through the GzipSource class. A flaw was found in SquareUp Okio.
• https://github.com/square/okio/commit/81bce1a30af244550b0324597720e4799281da7b https://research.jfrog.com/vulnerabilities/okio-gzip-source-unhandled-exception-dos-xray-523195 https://access.redhat.com/security/cve/CVE-2023-3635 https://bugzilla.redhat.com/show_bug.cgi?id=2229295
• CWE-195: Signed to Unsigned Conversion Error
• CWE-248: Uncaught Exception
• CWE-681: Incorrect Conversion between Numeric Types
CVE-2023-0833 – Red Hat AMQ Streams: component version with information disclosure flaw
https://notcve.org/view.php?id=CVE-2023-0833
A flaw was found in Red Hat's AMQ Streams, which ships a version of the OkHttp component with an information disclosure flaw: an exception triggered by a header containing an illegal value leaks information in its error message. This issue could allow an authenticated attacker to access information outside of their regular permissions.
• https://access.redhat.com/errata/RHSA-2023:1241 https://access.redhat.com/errata/RHSA-2023:3223 https://access.redhat.com/security/cve/CVE-2023-0833 https://bugzilla.redhat.com/show_bug.cgi?id=2169845 https://github.com/square/okhttp/issues/6738
• CWE-209: Generation of Error Message Containing Sensitive Information
CVE-2021-23331 – Insecure Temporary File
https://notcve.org/view.php?id=CVE-2021-23331
This affects all versions of the package com.squareup:connect. The method prepareDownloadFile creates a temporary file with the permission bits -rw-r--r-- on Unix-like systems. On Unix-like systems the system temporary directory is shared between users, so the contents of the file downloaded by downloadFileFromResponse are readable by all other users on the local system. A workaround is to set the system property java.io.tmpdir to a safe directory.
• https://github.com/square/connect-java-sdk/blob/master/src/main/java/com/squareup/connect/ApiClient.java%23L613 https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUP-1065988
CVE-2018-20200
https://notcve.org/view.php?id=CVE-2018-20200
** DISPUTED ** CertificatePinner.java in OkHttp 3.x through 3.12.0 allows man-in-the-middle attackers to bypass certificate pinning by changing the SSLContext and the boolean values while hooking the application. NOTE: this ID is disputed because some parties do not consider this a vulnerability. Their rationale can be found in https://github.com/square/okhttp/issues/4967.
• https://cxsecurity.com/issue/WLB-2018120252 https://github.com/square/okhttp/commits/master https://github.com/square/okhttp/issues/4967 https://github.com/square/okhttp/releases https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
• CWE-295: Improper Certificate Validation