OSV - Open Source Vulnerabilities

CLEANSTART-2026-JU62349

CleanStart/apache-hive

Security fixes for CVE-2018-10237, CVE-2020-8908, CVE-2021-22569, CVE-2021-22570, CVE-2022-3171, CVE-2022-3509, CVE-2022-3510, CVE-2023-2976, CVE-2023-44981, CVE-2024-23454, CVE-2024-23944, CVE-2024-38827, CVE-2024-47554, CVE-2024-6763, CVE-2024-7254, CVE-2025-11143, CVE-2025-24970, CVE-2025-25193, CVE-2025-27821, CVE-2025-41249, CVE-2025-48734, CVE-2025-48924, CVE-2025-49128, CVE-2025-52999, CVE-2025-53864, CVE-2025-55163, CVE-2025-58056, CVE-2025-58057, CVE-2025-59419, CVE-2025-67735, CVE-2025-68161, CVE-2025-8916, CVE-2026-24281, CVE-2026-24308, CVE-2026-33870, CVE-2026-33871, CVE-2026-40490, CVE-2026-41417, CVE-2026-5588, ghsa-72hv-8253-57qq, ghsa-cmxv-58fp-fm3g applied in versions: 4.2.0-r0, 4.2.0-r1, 4.2.0-r2

18 May

Fix available

GHSA-cmxv-58fp-fm3g

Maven/org.asynchttpclient:async-http-client

AsyncHttpClient leaks authorization credentials to untrusted domains on cross-origin redirects

14 Apr

Fix available
Severity - 6.8 (Medium)