Eclipse Jersey 3.0.16
Approved changes feed: RSS · Atom
cpe:2.3:a:eclipse:jersey:3.0.16:*:*:*:*:*:*:*
part: a version: 3.0.16 update: *
| Vendor | Eclipse (fa988180-604e-5c1f-93ea-65b5297000fc) |
|---|---|
| Product | Jersey (ed042c38-78ce-573d-8b9b-15d13f5d770c) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/eclipse-ee4j/jersey |
purl2cpe | 2026-06-01 10:15:02.998502 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-12383 |
vulnerable | 2026-06-03 14:58:44.266546 |
Race Condition allows Bypass of Trust Restrictions
In Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 a race condition can cause ignoring of critical SSL configurations - such as mutual authentication, custom key/trust stores, and other security settings. This issue may result in SSLHandshakeException under normal circumstances, but under certain conditions, it could lead to unauthorized trust in insecure servers (see PoC)
Published: 2025-11-18T15:14:37.765Z
Updated: 2025-11-18T21:34:35.027Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.