Jersey
Monthly
In Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 a race condition can cause ignoring of critical SSL configurations - such as mutual authentication, custom key/trust stores, and other security. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 a race condition can cause ignoring of critical SSL configurations - such as mutual authentication, custom key/trust stores, and other security. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.