VulnerableCode Package Details - pkg:maven/com.squareup.okhttp3/okhttp@4.0.0-RC1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/com.squareup.okhttp3/okhttp@4.0.0-RC1

purl	pkg:maven/com.squareup.okhttp3/okhttp@4.0.0-RC1

Next non-vulnerable version	4.9.2
Latest non-vulnerable version	4.9.2
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-4e5q-x177-uyat Aliases: CVE-2021-0341 GHSA-3cqm-mf7h-prrj	Square OkHttp can accept the wrong certificate In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android ID: A-171980069	4.9.2 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T21:55:53.897737+00:00	GitLab Importer	Affected by	VCID-4e5q-x177-uyat	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.squareup.okhttp3/okhttp/CVE-2021-0341.yml	38.4.0
2026-04-11T23:11:17.643205+00:00	GitLab Importer	Affected by	VCID-4e5q-x177-uyat	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.squareup.okhttp3/okhttp/CVE-2021-0341.yml	38.3.0
2026-04-02T23:19:46.069923+00:00	GitLab Importer	Affected by	VCID-4e5q-x177-uyat	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.squareup.okhttp3/okhttp/CVE-2021-0341.yml	38.1.0
2026-04-01T17:40:17.692106+00:00	GitLab Importer	Affected by	VCID-4e5q-x177-uyat	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.squareup.okhttp3/okhttp/CVE-2021-0341.yml	38.0.0