Uniffle

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-68637 CRITICAL Act Now

Uniffle HTTP client (before 0.10.0) trusts all SSL certificates and disables hostname verification by default, exposing all REST API communication between the CLI and Coordinator to man-in-the-middle attacks.

Tls Uniffle

NVD

CVSS 3.1

9.1

EPSS

0.1%

CVE-2025-68637

EPSS 0% CVSS 9.1

CRITICAL Act Now

Uniffle HTTP client (before 0.10.0) trusts all SSL certificates and disables hostname verification by default, exposing all REST API communication between the CLI and Coordinator to man-in-the-middle attacks.

Tls Uniffle

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy