CVE-2023-0833

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
27/09/2023
Last modified:
07/11/2023

Description

A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an information disclosure flaw via an exception triggered by a header containing an illegal value. This issue could allow an authenticated attacker to access information outside of their regular permissions.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:squareup:okhttp:*:*:*:*:*:*:*:* 4.9.2 (excluding)
cpe:2.3:a:redhat:a-mq_streams:*:*:*:*:*:*:*:* 2.2.1 (excluding)
cpe:2.3:a:redhat:a-mq_streams:*:*:*:*:*:*:*:* 2.3.0 (including) 2.4.0 (excluding)