Async-http-client Project Async-http-client — known CVE vulnerabilities
Every CVE whose affected-product data names Async-http-client Project Async-http-client, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2013-7397 — CVSS 4.3 (medium): Async Http Client (aka AHC or async-http-client) before 1.9.0 skips X.509 certificate verification unless both a keyStore location and a…
CVE-2013-7398 — CVSS 4.3 (medium): main/java/com/ning/http/client/AsyncHttpClientConfig.java in Async Http Client (aka AHC or async-http-client) before 1.9.0 does not require…