squareup
Security Risk Profile
43
/100
mediumSecurity Risk Score
Comprehensive risk assessment based on 11 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from November 3, 2016 to present
11
Total CVEs
6
Critical+High
0
Exploited
1
Unpatched
Threat Assessment
Avg CVSS
7.4
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
1
Critical/High
Risk Level
43/100
medium
Severity Distribution
Critical
4High
2Medium
5Low
0Exploit Likelihood
>50% chance
020-50%
05-20%
0<5%
0Age Distribution
Common Weaknesses (CWE)
1
Command Injection
2
2
SQL Injection
1
3
XEE
1
4
SSRF
1
5
Input Validation
1
Most Affected Products
1. squareup Okhttp35
2. IBM Security Verify Information Queue4
3. squareup Okio3
4. squareup Okhttp3
5. maven/com.squareup.okio:okio2
Recent Vulnerabilities
See more →CVE-2023-3782
CVSS 5.9medium
DoS of the OkHttp client when using a BrotliInterceptor and surfing to a malicious web server, or when an attacker can perform MitM to inject a Brotli zip-bomb into an HTTP response
7/19/2023🔧 No Patch
CVE-2023-3635
CVSS 7.5high
Okio GzipSource unhandled exception Denial of Service
7/12/2023
CVE-2023-0833
CVSS 5.5medium
Red hat a-mq streams: component version with information disclosure flaw
2/14/2023
CVE-2020-36645
CVSS 9.8critical
square squalor sql injection
1/7/2023
CVE-2021-23331
CVSS 4.4medium
Insecure Temporary File
2/3/2021🔧 No Patch
CVE-2018-20200
CVSS 5.9medium
4/18/2019
CVE-2018-1000844
CVSS 9.1critical
12/20/2018🔧 No Patch
CVE-2018-1000850
CVSS 8.1high
10/21/2018
CVE-2016-2402
CVSS 5.9medium
1/30/2017🔧 No Patch
CVE-2015-8969
CVSS 10.0critical
11/3/2016
Monitor squareup in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.