org.asynchttpclient:async-http-client (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.asynchttpclient:async-http-client, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2024-53990: The AsyncHttpClient (AHC) library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. When…
CVE-2017-14063 — CVSS 7.5 (high): Async Http Client (aka async-http-client) before 2.0.35 can be tricked into connecting to a host different from the one extracted by…
CVE-2026-45300 — CVSS 7.4 (high): The AsyncHttpClient (AHC) library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses…
CVE-2026-40490 — CVSS 6.8 (medium): The AsyncHttpClient (AHC) library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. When…