Generation of Error Message Containing Sensitive Information
A flaw was found in Red Hat's AMQ-Streams, which ships a version of the "OKHttp" component with an information disclosure flaw via an exception triggered by a header containing an illegal value. This issue could allow an authenticated attacker to access information outside of their regular permissions. This vulnerability affects com.squareup.okhttp3:okhttp package versions through 4.9.1, 4.10.0-RC1, and 5.0.0-alpha.1 through 5.0.0-alpha.2.
CWE-209 - Generation of Error Message Containing Sensitive Information
The software generates an error message that includes sensitive information about its environment, users, or associated data.