Skip to content
This repository was archived by the owner on Jun 15, 2026. It is now read-only.
This repository was archived by the owner on Jun 15, 2026. It is now read-only.

Upgrade com.squareup.okhttp3:okhttp libraries to >= 4.9.2 due to critical security vulnerability #711

Open
Open
Upgrade com.squareup.okhttp3:okhttp libraries to >= 4.9.2 due to critical security vulnerability#711

Description

@anbangz
anbangz
opened on Jul 25, 2022

Description of vulnerability here: square/okhttp#6738

Snyk vulnerability here: https://security.snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044

I believe the

  • com.squareup.okhttp3:logging-interceptor
  • com.squareup.okhttp3:okhttp-urlconnection:3.12.12
  • com.squareup.retrofit2:retrofit:2.6.4

libraries will also have to be upgraded, as they take transitive dependencies on com.squareup.okhttp3:okhttp:3.12.12

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions