Maven package
com.squareup.okio/okio
pkg:maven/com.squareup.okio/okio
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-3635 | — | >= 2.0.0-RC1, < 3.4.0 | 3.4.0 | Jul 12, 2023 | GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when handling a crafted GZIP archive, by using the GzipSource class. |
- CVE-2023-3635Jul 12, 2023affected >= 2.0.0-RC1, < 3.4.0fixed 3.4.0
GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when handling a crafted GZIP archive, by using the GzipSource class.