[Git][security-tracker-team/security-tracker][master] Add CVE-2026-45300/async-http-client

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jun 6 09:28:31 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
753a0aca by Salvatore Bonaccorso at 2026-06-06T10:28:04+02:00
Add CVE-2026-45300/async-http-client

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -100,7 +100,10 @@ CVE-2026-45409 (Internationalized Domain Names in Applications (IDNA) for Python
 	NOTE: Fixed by: https://github.com/kjd/idna/commit/628fef84d3eda59321c21127e73dcd873db23ead (v3.14)
 	NOTE: Fixed by: https://github.com/kjd/idna/commit/e1cb465b6376f33306a26f467d197edbcd01c4b9 (v3.15)
 CVE-2026-45300 (The AsyncHttpClient (AHC) library allows Java applications to easily e ...)
-	TODO: check
+	- async-http-client <unfixed>
+	NOTE: https://github.com/AsyncHttpClient/async-http-client/security/advisories/GHSA-fmxf-pm6p-7xgm
+	NOTE: Fixed by: https://github.com/AsyncHttpClient/async-http-client/commit/3b0e3e9e889f950c94665c7b72e1af94f922bfe2 (async-http-client-project-3.0.10)
+	NOTE: Fixed by: https://github.com/AsyncHttpClient/async-http-client/commit/5eed33962a412a0100f8117dca849930652bfe30 (async-http-client-project-2.15.0)
 CVE-2026-36785 (Shenzhen Tenda Technology Co., Ltd Tenda FH451 V1.0.0.9 was discovered ...)
 	NOT-FOR-US: Tenda
 CVE-2026-34123 (On Tapo C520WS v2, restricted accounts (for example, hub users) are in ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/753a0acaa110ee8d6445dfdb42cb1d703d37ffd2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/753a0acaa110ee8d6445dfdb42cb1d703d37ffd2
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260606/08952ccc/attachment.htm>

More information about the debian-security-tracker-commits mailing list