A flaw was found in Red Hat’s AMQ-Streams, which ships a version of the OKHttp component with an information disclosure flaw via an exception triggered by a header containing an illegal value. This issue could allow an authenticated attacker to access information outside of their regular permissions.
CPE | Name | Operator | Version |
---|---|---|---|
a-mq_streams | ge | 2.3.0 | |
a-mq_streams | lt | 2.4.0 | |
a-mq_streams | lt | 2.2.1 | |
okhttp | lt | 4.9.2 |