Vulnerabilities > Asynchttpclient Project > Async Http Client > 1.9.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-31 | CVE-2017-14063 | Improper Input Validation vulnerability in Asynchttpclient Project Async-Http-Client Async Http Client (aka async-http-client) before 2.0.35 can be tricked into connecting to a host different from the one extracted by java.net.URI if a '?' character occurs in a fragment identifier. | 7.5 |