Advisories for Maven/Com.squareup.okhttp3/Okhttp package

This advisory has been marked as a false positive.

CertificatePinner.java allows man-in-the-middle attackers to bypass certificate pinning by changing SSLContext and the boolean values while hooking the application.

OkHttp allows man-in-the-middle attackers to bypass certificate pinning by sending a certificate chain with a certificate from a non-pinned trusted CA and the pinned certificate.