Vuln
·
Scope
Home
Packages
KEV
Critical
Insights
Jobs
Pricing
EN
中
Loading…
Maven/org.asynchttpclient:async-http-client — 4 CVEs · VulnScope
pkg:Maven/
org.asynchttpclient:async-http-client
4 total CVEs
HIGH
2
MEDIUM
1
✅ Check your installed version
Check
All known vulnerabilities
HIGH
7.5
CVE-2017-14063
Improper Input Validation in async-http-client
from 0, < 2.0.35
HIGH
7.4
CVE-2026-45300
async-http-client: Cookie header not stripped on cross-origin redirect
>= 3.0.0.Beta1, < 3.0.10
MEDIUM
6.8
CVE-2026-40490
AsyncHttpClient leaks authorization credentials to untrusted domains on cross-origin redirects
>= 3.0.0.Beta1, < 3.0.9
—
AsyncHttpClient (AHC) library's `CookieStore` replaces explicitly defined `Cookie`s
>= 2.1.0, < 2.12.4
CVE-2024-53990