CVSS: 9.2 • EPSS: 0% • CPEs: 1 • EXPL: 0

02 Dec 2024 — The AsyncHttpClient (AHC) library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. When making any HTTP request, the automatically enabled and self-managed CookieStore (aka cookie jar) will silently replace explicitly defined Cookies with any that have the same name from the cookie jar. For services that operate with multiple users, this can result in one user's Cookie being used for another user's requests. • https://github.com/AsyncHttpClient/async-http-client/commit/d5a83362f7aed81b93ebca559746ac9be0f95425 • CWE-287: Improper Authentication

CVSS: 7.8 • EPSS: 0% • CPEs: 4 • EXPL: 0

18 Jan 2023 — Versions of Async HTTP Client prior to 1.13.2 are vulnerable to a form of targeted request manipulation called CRLF injection. This vulnerability was the result of insufficient validation of HTTP header field values before sending them to the network. Users are vulnerable if they pass untrusted data into HTTP header field values without prior sanitisation. Common use-cases here might be to place usernames from a database into HTTP header fields. This vulnerability allows attackers to inject new HTTP header ... • https://github.com/swift-server/async-http-client/security/advisories/GHSA-v3r5-pjpm-mwgq • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') • CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection')

CVSS: 7.5 • EPSS: 1% • CPEs: 1 • EXPL: 0

31 Aug 2017 — Async Http Client (aka async-http-client) before 2.0.35 can be tricked into connecting to a host different from the one extracted by java.net.URI if a '?' character occurs in a fragment identifier. Similar bugs were previously identified in cURL (CVE-2016-8624) and Oracle Java 8 java.net.URL. • http://openwall.com/lists/oss-security/2017/08/31/4 • CWE-20: Improper Input Validation

CVSS: 5.8 • EPSS: 1% • CPEs: 2 • EXPL: 0

17 Apr 2015 — Async Http Client (aka AHC or async-http-client) before 1.9.0 skips X.509 certificate verification unless both a keyStore location and a trustStore location are explicitly set, which allows man-in-the-middle attackers to spoof HTTPS servers by presenting an arbitrary certificate during use of a typical AHC configuration, as demonstrated by a configuration that does not send client certificates. • http://openwall.com/lists/oss-security/2014/08/26/1 • CWE-295: Improper Certificate Validation • CWE-345: Insufficient Verification of Data Authenticity

CVSS: 5.8 • EPSS: 1% • CPEs: 2 • EXPL: 0

17 Apr 2015 — main/java/com/ning/http/client/AsyncHttpClientConfig.java in Async Http Client (aka AHC or async-http-client) before 1.9.0 does not require a hostname match during verification of X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an arbitrary valid certificate. • http://openwall.com/lists/oss-security/2014/08/26/1 • CWE-297: Improper Validation of Certificate with Host Mismatch • CWE-345: Insufficient Verification of Data Authenticity