Vulnerabilities in AsyncHttpClient
3 resultsCVE-2024-53990CRITICALAsyncHttpClient (AHC) library's `CookieStore` replaces explicitly defined `Cookie`sEPSS 0.6%CVE-2026-40490MEDIUMAsyncHttpClient leaks authorization credentials to untrusted domains on cross-origin redirectsEPSS 0.3%CVE-2026-45300HIGHasync-http-client: Cookie header not stripped on cross-origin redirectEPSS 0.3%