Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
async-http-client project async-http-client vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2013-7397
Async Http Client (aka AHC or async-http-client) prior to 1.9.0 skips X.509 certificate verification unless both a keyStore location and a trustStore location are explicitly set, which allows man-in-the-middle malicious users to spoof HTTPS servers by presenting an arbitrary cert...
Redhat Jboss Fuse
Async-http-client Project Async-http-client
383
VMScore
CVE-2013-7398
main/java/com/ning/http/client/AsyncHttpClientConfig.java in Async Http Client (aka AHC or async-http-client) prior to 1.9.0 does not require a hostname match during verification of X.509 certificates, which allows man-in-the-middle malicious users to spoof HTTPS servers via an a...
Async-http-client Project Async-http-client
Redhat Jboss Fuse
NA
CVE-2023-0040
Versions of Async HTTP Client before 1.13.2 are vulnerable to a form of targeted request manipulation called CRLF injection. This vulnerability was the result of insufficient validation of HTTP header field values before sending them to the network. Users are vulnerable if they p...
Asynchttpclient Project Async-http-client
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started