pkg:Maven/org.asynchttpclient:async-http-client

4 total CVEsHIGH2MEDIUM1

✅ Check your installed version

All known vulnerabilities

  • HIGH7.5CVE-2017-14063Improper Input Validation in async-http-client
    from 0, < 2.0.35
  • HIGH7.4CVE-2026-45300async-http-client: Cookie header not stripped on cross-origin redirect
    >= 3.0.0.Beta1, < 3.0.10
  • MEDIUM6.8CVE-2026-40490AsyncHttpClient leaks authorization credentials to untrusted domains on cross-origin redirects
    >= 3.0.0.Beta1, < 3.0.9
  • CVE-2024-53990AsyncHttpClient (AHC) library's `CookieStore` replaces explicitly defined `Cookie`s
    >= 2.1.0, < 2.12.4