com.squareup.okhttp:okhttp@2.6.0 vulnerabilities
-
latest version
2.7.5
-
latest non vulnerable version
-
first published
11 years ago
-
latest version published
8 years ago
-
licenses detected
- [1.0.0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the com.squareup.okhttp:okhttp package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
com.squareup.okhttp:okhttp is an HTTP & HTTP/2 client for Android and Java applications Affected versions of this package are vulnerable to SSL Certificate Bypass. It allows man-in-the-middle attackers to bypass certificate pinning by sending a certificate chain with a certificate from a non-pinned trusted CA and the pinned certificate. How to fix SSL Certificate Bypass? Upgrade |
[,2.7.4)
|