Package impact
Maven / org.asynchttpclient:async-http-client
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-45300 | high | — | 8.0 | 12d ago | async-http-client: Cookie header not stripped on cross-origin redirect | |||
| CVE-2017-14063 | high | 7.5 | 7.5 | 9y ago | Improper Input Validation in async-http-client | |||
| CVE-2026-40490 | unknown | — | — | 2mo ago | AsyncHttpClient leaks authorization credentials to untrusted domains on cross-origin redirects | |||
| CVE-2024-53990 | unknown | — | — | 2y ago | AsyncHttpClient (AHC) library's `CookieStore` replaces explicitly defined `Cookie`s |