Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
async-http-client project async-http-client vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2013-7397
Async Http Client (aka AHC or async-http-client) prior to 1.9.0 skips X.509 certificate verification unless both a keyStore location and a trustStore location are explicitly set, which allows man-in-the-middle malicious users to spoof HTTPS servers by presenting an arbitrary cert...
Redhat Jboss Fuse
Async-http-client Project Async-http-client
4.3
CVSSv2
CVE-2013-7398
main/java/com/ning/http/client/AsyncHttpClientConfig.java in Async Http Client (aka AHC or async-http-client) prior to 1.9.0 does not require a hostname match during verification of X.509 certificates, which allows man-in-the-middle malicious users to spoof HTTPS servers via an a...
Async-http-client Project Async-http-client
Redhat Jboss Fuse
NA
CVE-2023-0040
Versions of Async HTTP Client before 1.13.2 are vulnerable to a form of targeted request manipulation called CRLF injection. This vulnerability was the result of insufficient validation of HTTP header field values before sending them to the network. Users are vulnerable if they p...
Asynchttpclient Project Async-http-client
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started