Skip to main content

Jersey

2 CVEs product

Monthly

CVE-2025-12383 Maven CRITICAL PATCH This Week

In Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 a race condition can cause ignoring of critical SSL configurations - such as mutual authentication, custom key/trust stores, and other security. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Authentication Bypass Jersey
NVD
CVSS 4.0
9.4
EPSS
0.1%
CVE-2021-28168 Maven MEDIUM PATCH This Month

Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Jersey Communications Cloud Native Core Policy Communications Cloud Native Core Unified Data Repository
NVD GitHub
CVSS 3.1
5.5
EPSS
0.9%
EPSS 0% CVSS 9.4
CRITICAL PATCH This Week

In Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 a race condition can cause ignoring of critical SSL configurations - such as mutual authentication, custom key/trust stores, and other security. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Authentication Bypass Jersey
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Jersey Communications Cloud Native Core Policy +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy